[Git][security-tracker-team/security-tracker][master] Add four new tcpdf CVEs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 27 08:21:43 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
089bebf9 by Salvatore Bonaccorso at 2024-12-27T09:21:17+01:00
Add four new tcpdf CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,17 @@
CVE-2024-56527 (An issue was discovered in TCPDF before 6.8.0. The Error function lack ...)
- TODO: check
+ - tcpdf <unfixed>
+ NOTE: Fixed by: https://github.com/tecnickcom/TCPDF/commit/11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1 (6.8.0)
CVE-2024-56522 (An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag use ...)
- TODO: check
+ - tcpdf <unfixed>
+ NOTE: Fixed by: https://github.com/tecnickcom/TCPDF/commit/d54b97cec33f4f1a5ad81119a82085cad93cec89 (6.8.0)
CVE-2024-56521 (An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CUR ...)
- TODO: check
+ - tcpdf <unfixed>
+ NOTE: Fixed by: https://github.com/tecnickcom/TCPDF/commit/aab43ab0a824e956276141a28a24c7c0be20f554 (6.8.0)
CVE-2024-56520 (An issue was discovered in tc-lib-pdf-font before 2.6.4, as used in TC ...)
TODO: check
CVE-2024-56519 (An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not s ...)
- TODO: check
+ - tcpdf <unfixed>
+ NOTE: Fixed by: https://github.com/tecnickcom/TCPDF/commit/c9f41cbb84880bdb4fc3e0a9d287214d1ac4d7f4 (6.8.0)
CVE-2024-56510 (@marp-team/marp-core is the core for Marp, which is the ecosystem to w ...)
TODO: check
CVE-2024-56361 (LGSL (Live Game Server List) provides online status for games. Before ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/089bebf952a4cfc78af18bd96588d9c1d080fe23
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/089bebf952a4cfc78af18bd96588d9c1d080fe23
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241227/c67a4e42/attachment.htm>
More information about the debian-security-tracker-commits
mailing list