[Git][security-tracker-team/security-tracker][master] Track fixed version for two tcpdf issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 12 10:27:19 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
58ca59f8 by Salvatore Bonaccorso at 2024-12-12T11:26:00+01:00
Track fixed version for two tcpdf issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4079,7 +4079,7 @@ CVE-2024-52336 (A script injection vulnerability was identified in the Tuned pac
CVE-2024-52008 (Fides is an open-source privacy engineering platform. The user invite ...)
NOT-FOR-US: Fides
CVE-2024-51058 (Local File Inclusion (LFI) vulnerability has been discovered in TCPDF ...)
- - tcpdf <unfixed> (bug #1088332)
+ - tcpdf 6.7.7+dfsg-1 (bug #1088332)
NOTE: https://github.com/tecnickcom/TCPDF/commit/bfa7d2b6d455ebf72ebe3d48fbd487ee5a1f6f3b (6.7.6)
CVE-2024-50377 (A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the ...)
NOT-FOR-US: Advantech
@@ -51299,7 +51299,7 @@ CVE-2024-23580 (HCL DRYiCE Optibot Reset Station is impacted byinsecure encrypti
CVE-2024-23579 (HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of ...)
NOT-FOR-US: HCL
CVE-2024-22641 (TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Express ...)
- - tcpdf <unfixed> (bug #1072528)
+ - tcpdf 6.7.7+dfsg-1 (bug #1072528)
[bookworm] - tcpdf <no-dsa> (Minor issue)
[bullseye] - tcpdf <no-dsa> (Minor issue)
NOTE: https://github.com/tecnickcom/TCPDF/issues/724
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58ca59f8ce38aec4f0bb306b7f7dbf6fdacb1189
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58ca59f8ce38aec4f0bb306b7f7dbf6fdacb1189
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241212/d233a323/attachment.htm>
More information about the debian-security-tracker-commits
mailing list