[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2024-6221/python-flask-cors
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 4 21:40:15 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
61da9340 by Salvatore Bonaccorso at 2024-12-04T22:39:22+01:00
Add fixed version for CVE-2024-6221/python-flask-cors
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27810,11 +27810,13 @@ CVE-2024-7905 (A vulnerability classified as critical has been found in DedeBIZ
CVE-2024-7904 (A vulnerability was found in DedeBIZ 6.3.0. It has been rated as criti ...)
NOT-FOR-US: DedeBIZ
CVE-2024-6221 (A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Ac ...)
- - python-flask-cors <unfixed> (bug #1081300)
+ - python-flask-cors 5.0.0-1 (bug #1081300)
[bookworm] - python-flask-cors <postponed> (Minor issue, revisit when fixed upstream)
[bullseye] - python-flask-cors <postponed> (Minor issue)
NOTE: https://huntr.com/bounties/a42935fc-6f57-4818-bca4-3d528235df4d
NOTE: https://github.com/corydolphin/flask-cors/issues/337
+ NOTE: https://github.com/advisories/GHSA-hxwh-jpp2-84pm
+ NOTE: https://github.com/corydolphin/flask-cors/commit/7ae310c56ac30e0b94fb42129aa377bf633256ec (4.0.2)
CVE-2024-43353 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-43352 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61da9340fd294d202e6e71ce5d75a16d90941417
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61da9340fd294d202e6e71ce5d75a16d90941417
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241204/4ffa4e13/attachment.htm>
More information about the debian-security-tracker-commits
mailing list