[Git][security-tracker-team/security-tracker][master] Add new nodejs issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 9 06:00:06 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5795765d by Salvatore Bonaccorso at 2024-07-09T06:59:32+02:00
Add new nodejs issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2024-37372
+ - nodejs <not-affected> (Only affect Node.js on Windows)
+ NOTE: https://nodejs.org/en/blog/vulnerability/july-2024-security-releases#permission-model-improperly-processes-unc-paths-cve-2024-37372---low
+CVE-2024-22018
+ - nodejs <unfixed>
+ NOTE: https://nodejs.org/en/blog/vulnerability/july-2024-security-releases#fslstat-bypasses-permission-model-cve-2024-22018---low
+CVE-2024-36137
+ - nodejs <unfixed>
+ NOTE: https://nodejs.org/en/blog/vulnerability/july-2024-security-releases#fsfchownfchmod-bypasses-permission-model-cve-2024-36137---low
+CVE-2024-22020
+ - nodejs <unfixed>
+ NOTE: https://nodejs.org/en/blog/vulnerability/july-2024-security-releases#bypass-network-import-restriction-via-data-url-cve-2024-22020---medium
CVE-2024-6580 (The /n software IPWorks SSH library SFTPServer component can be induce ...)
NOT-FOR-US: /n software IPWorks SSH library SFTPServer component
CVE-2024-6564 (Buffer overflow in "rcar_dev_init" due to using due to using untruste ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5795765dc354ef79397be5cb625761e08cea3450
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5795765dc354ef79397be5cb625761e08cea3450
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240709/ee1ef07b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list