[Git][security-tracker-team/security-tracker][master] Add CVE-2024-25638/dnsjava
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 23 14:06:34 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
735a1f52 by Salvatore Bonaccorso at 2024-07-23T15:05:49+02:00
Add CVE-2024-25638/dnsjava
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -242,7 +242,9 @@ CVE-2024-26020 (An arbitrary script execution vulnerability exists in the MPV fu
- anki <unfixed>
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1993
CVE-2024-25638 (dnsjava is an implementation of DNS in Java. Records in DNS replies ar ...)
- TODO: check
+ - dnsjava <unfixed>
+ NOTE: https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw
+ NOTE: https://github.com/dnsjava/dnsjava/commit/bc51df1c455e6c9fb7cbd42fcb6d62d16047818d (v3.6.0)
CVE-2024-23321 (For RocketMQ versions 5.2.0 and below, under certain conditions, there ...)
NOT-FOR-US: Apache RocketMQ
CVE-2024-21552 (All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/735a1f52d87d6b65a70c51be7a6ae5c0d16fb929
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/735a1f52d87d6b65a70c51be7a6ae5c0d16fb929
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240723/2fbf3d75/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list