[Git][security-tracker-team/security-tracker][master] Add CVE-2024-39123/calibre-web

Fri Jul 19 21:19:20 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
61128183 by Salvatore Bonaccorso at 2024-07-19T22:18:48+02:00
Add CVE-2024-39123/calibre-web

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51,7 +51,7 @@ CVE-2024-39906 (A command injection vulnerability was found in the IndieAuth fun
 CVE-2024-39457 (Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerabi ...)
 	NOT-FOR-US: Cybozu
 CVE-2024-39123 (In janeczku Calibre-Web 0.6.0 to 0.6.21, the edit_book_comments functi ...)
-	TODO: check
+	- calibre-web <itp> (bug #982690)
 CVE-2024-37066 (A command injection vulnerability exists in Wyze V4 Pro firmware versi ...)
 	NOT-FOR-US: Wyze
 CVE-2024-32007 (An improper input validation of thep2c parameter in the Apache CXF JOS ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/611281831684a305738e70b6ba42b3671f9d8069

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/611281831684a305738e70b6ba42b3671f9d8069
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240719/08f2ed78/attachment-0001.htm>
