[Git][security-tracker-team/security-tracker][master] Add CVE-2024-54133/rails
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 12 09:35:16 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd30b21a by Salvatore Bonaccorso at 2024-12-12T10:34:55+01:00
Add CVE-2024-54133/rails
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -617,7 +617,12 @@ CVE-2024-55655 (sigstore-python is a Python tool for generating and verifying Si
CVE-2024-55653 (PwnDoc is a penetration test report generator. In versions up to and i ...)
NOT-FOR-US: PwnDoc
CVE-2024-54133 (Action Pack is a framework for handling and responding to web requests ...)
- TODO: check
+ - rails <unfixed>
+ NOTE: https://github.com/rails/rails/security/advisories/GHSA-vfm5-rmrh-j26v
+ NOTE: https://github.com/rails/rails/commit/2e3f41e4538b9ca1044357f6644f037bbb7c6c49 (v8.0.0.1)
+ NOTE: https://github.com/rails/rails/commit/3da2479cfe1e00177114b17e496213c40d286b3a (v7.2.2.1)
+ NOTE: https://github.com/rails/rails/commit/5558e72f22fc69c1c407b31ac5fb3b4ce087b542 (v7.1.5.1)
+ NOTE: https://github.com/rails/rails/commit/cb16a3bb515b5d769f73926d9757270ace691f1d (v7.0.8.7)
CVE-2024-54051 (Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL ...)
NOT-FOR-US: Adobe
CVE-2024-54050 (Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd30b21a22dd127670ac744f5a1b0971f253e2c2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd30b21a22dd127670ac744f5a1b0971f253e2c2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241212/fb3b28bc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list