[Git][security-tracker-team/security-tracker][master] new ckeditor issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Feb 9 13:30:14 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d1480d0 by Moritz Muehlenhoff at 2024-02-09T14:29:12+01:00
new ckeditor issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -293,9 +293,15 @@ CVE-2024-24823 (Graylog is a free and open log management platform. Starting in
 CVE-2024-24822 (Pimcore's Admin Classic Bundle provides a backend user interface for P ...)
 	NOT-FOR-US: Pimcore's Admin Classic Bundle
 CVE-2024-24816 (CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.  ...)
-	TODO: check
+	- ckeditor <unfixed>
+	- ckeditor3 <unfixed>
+	NOTE: https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-mw2c-vx6j-mg76
+	NOTE: https://github.com/ckeditor/ckeditor4/commit/8ed1a3c93d0ae5f49f4ecff5738ab8a2972194cb
 CVE-2024-24815 (CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.  ...)
-	TODO: check
+	- ckeditor <unfixed>
+	- ckeditor3 <unfixed>
+	NOTE: https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-fq6h-4g8v-qqvm
+	NOTE: https://github.com/ckeditor/ckeditor4/commit/8ed1a3c93d0ae5f49f4ecff5738ab8a2972194cb
 CVE-2024-24812 (Frappe is a full-stack web application framework that uses Python and  ...)
 	NOT-FOR-US: Frappe Framework
 CVE-2024-24811 (SQLAlchemyDA is a generic database adapter for ZSQL methods. A vulnera ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d1480d0975ccad4693149e05ce6c4877677a039

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d1480d0975ccad4693149e05ce6c4877677a039
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240209/37c76666/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list