[Git][security-tracker-team/security-tracker][master] automatic update

Sun Jul 7 21:12:25 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e637032 by security tracker role at 2024-07-07T20:12:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2024-6229 (A stored cross-site scripting (XSS) vulnerability exists in the 'Uploa ...)
+	TODO: check
+CVE-2024-40614 (EGroupware before 23.1.20240624 mishandles an ORDER BY clause.)
+	TODO: check
 CVE-2024-40605 (An issue was discovered in the Foreground skin for MediaWiki through 1 ...)
 	NOT-FOR-US: Foreground skin for MediaWiki
 CVE-2024-40604 (An issue was discovered in the Nimbus skin for MediaWiki through 1.42. ...)
@@ -27200,7 +27204,7 @@ CVE-2023-52144 (Improper Limitation of a Pathname to a Restricted Directory ('Pa
 	NOT-FOR-US: WordPress plugin
 CVE-2024-3508 (A flaw was found in Bombastic, which allows authenticated users to upl ...)
 	NOT-FOR-US: Bombastic's use of bzip2
-CVE-2024-3651 [potential DoS via resource consumption via specially crafted inputs to idna.encode()]
+CVE-2024-3651 (A vulnerability was identified in the kjd/idna library, specifically w ...)
 	{DLA-3811-1}
 	- python-idna 3.6-2.1 (bug #1069127)
 	[bookworm] - python-idna 3.3-1+deb12u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e637032c4cb9ecd269e58c326012549f868adb2

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e637032c4cb9ecd269e58c326012549f868adb2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240707/80107820/attachment.htm>
