[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-41996 and CVE-2022-40735

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Aug 31 09:01:38 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3d495cf4 by Salvatore Bonaccorso at 2024-08-31T10:00:49+02:00
Update status for CVE-2024-41996 and CVE-2022-40735

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -901,7 +901,8 @@ CVE-2024-42788 (A Stored Cross Site Scripting (XSS) vulnerability was found in "
 CVE-2024-42787 (A Stored Cross Site Scripting (XSS) vulnerability was found in "/music ...)
 	NOT-FOR-US: Kashipara Music Management System
 CVE-2024-41996 (Validating the order of the public keys in the Diffie-Hellman Key Agre ...)
-	TODO: check
+	NOTE: Generic Diffie-Hellman protocol issue
+	NOTE: https://dheatattack.gitlab.io/details/
 CVE-2024-41879 (Acrobat Reader versions 127.0.2651.105 and earlier are affected by an  ...)
 	NOT-FOR-US: Adobe
 CVE-2024-41444 (SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of ...)
@@ -156902,6 +156903,7 @@ CVE-2022-40736 (An issue was discovered in Bento4 1.6.0-639. There ie excessive
 	NOT-FOR-US: Bento4
 CVE-2022-40735 (The Diffie-Hellman Key Agreement Protocol allows use of long exponents ...)
 	NOTE: Generic Diffie-Hellman protocol issue
+	NOTE: https://dheatattack.gitlab.io/details/
 CVE-2022-40734 (UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 al ...)
 	NOT-FOR-US: Laravel Filemanager
 CVE-2022-40733



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d495cf4b6cbe092be30fc3b158974bfc97c5095

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d495cf4b6cbe092be30fc3b158974bfc97c5095
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240831/870fcab1/attachment.htm>

More information about the debian-security-tracker-commits mailing list