[Git][security-tracker-team/security-tracker][master] Add CVE-2024-6237/389-ds-base

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f67e9a01 by Salvatore Bonaccorso at 2024-07-09T22:52:13+02:00
Add CVE-2024-6237/389-ds-base

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,9 @@ CVE-2024-6527 (SQL Injection vulnerability in parameter "w" in file "druk.php" i
 CVE-2024-6391 (The oik plugin for WordPress is vulnerable to Stored Cross-Site Script ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-6237 (A flaw was found in the 389 Directory Server. This flaw allows an unau ...)
-	TODO: check
+	- 389-ds-base 2.4.5+dfsg1-1
+	NOTE: https://github.com/389ds/389-ds-base/issues/5989
+	NOTE: https://github.com/389ds/389-ds-base/commit/e8dd583685e6143f2027f97569de4cc45ba46e14 (389-ds-base-2.4.5)
 CVE-2024-6222 (In Docker Desktop before v4.29.0, an attacker who has gained access to ...)
 	TODO: check
 CVE-2024-6168 (The Just Custom Fields plugin for WordPress is vulnerable to Cross-Sit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f67e9a0165682d6e0d4c81ff8150226a433e224f

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f67e9a0165682d6e0d4c81ff8150226a433e224f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240709/7bcad7a1/attachment.htm>