[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c7a64c0 by security tracker role at 2024-07-06T20:12:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,28 @@
-CVE-2024-39486 [drm/drm_file: Fix pid refcounting race]
+CVE-2024-6095 (A vulnerability in the /models/apply endpoint of mudler/localai versio ...)
+	TODO: check
+CVE-2024-5616 (A Cross-Site Request Forgery (CSRF) vulnerability exists in mudler/Loc ...)
+	TODO: check
+CVE-2024-37554 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37553 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37547 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	TODO: check
+CVE-2024-37546 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37542 (Missing Authorization vulnerability in WpDevArt Responsive Image Galle ...)
+	TODO: check
+CVE-2024-37541 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37539 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37260 (Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.T ...)
+	TODO: check
+CVE-2024-37234 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in K ...)
+	TODO: check
+CVE-2024-37208 (Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP S ...)
+	TODO: check
+CVE-2024-39486 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux <unfixed>
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c7a64c0c01fc6f2b21215e7bb43629ff7b5cdc9

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c7a64c0c01fc6f2b21215e7bb43629ff7b5cdc9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240706/e7651c81/attachment-0001.htm>