[Git][security-tracker-team/security-tracker][master] Add preliminary status for two twisted CVEs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 29 21:57:48 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d04a17e by Salvatore Bonaccorso at 2024-07-29T22:57:10+02:00
Add preliminary status for two twisted CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50,7 +50,9 @@ CVE-2024-41817 (ImageMagick is a free and open-source software suite, used for e
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38
 CVE-2024-41810 (Twisted is an event-based framework for internet applications, support ...)
-	TODO: check
+	- twisted <unfixed>
+	NOTE: https://github.com/twisted/twisted/security/advisories/GHSA-cf56-g6w6-pqq2
+	NOTE: Merge commit: https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33 (twisted-24.7.0rc1)
 CVE-2024-41799 (tgstation-server is a production scale tool for BYOND server managemen ...)
 	NOT-FOR-US: tgstation-server
 CVE-2024-41726 (Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 ...)
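
Review bot: The CVE-2024-41810 entry gives a merge commit as its only fix reference (`NOTE: Merge commit: https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33 (twisted-24.7.0rc1)`), which does not isolate the change for this CVE and makes it harder to backport to the `<unfixed>` package. The same hash is also listed under CVE-2024-41671, so from the entry alone it is unclear which part of that merge addresses GHSA-cf56-g6w6-pqq2. Since the status is preliminary, consider a follow-up that adds the individual fix commit once it is identified, or a NOTE stating that the merge covers both advisories if that is the case.
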
@@ -58,7 +60,10 @@ CVE-2024-41726 (Path traversal vulnerability exists in SKYSEA Client View Ver.3.
 CVE-2024-41676 (Magento-lts is a long-term support alternative to Magento Community Ed ...)
 	NOT-FOR-US: Magento LTS (alternative to Magento Community Edition)
 CVE-2024-41671 (Twisted is an event-based framework for internet applications, support ...)
-	TODO: check
+	- twisted <unfixed>
+	NOTE: https://github.com/twisted/twisted/security/advisories/GHSA-c8m8-j448-xjx7
+	NOTE: https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33 (twisted-24.7.0rc1)
+	NOTE: https://github.com/twisted/twisted/commit/4a930de12fb67e88fefcb8822104152f42b27abc (twisted-24.7.0rc1)
 CVE-2024-41640 (Cross Site Scripting (XSS) vulnerability in AML Surety Eco up to 3.5 a ...)
 	NOT-FOR-US: AML Surety Eco
 CVE-2024-41631 (Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 allows a r ...)
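
Review bot: Under CVE-2024-41671 the first commit NOTE references 046a164f89a0f08d3239ecebd750360f8914df33 without the "Merge commit:" label that the same hash carries under CVE-2024-41810. Label it the same way in both entries so readers can tell the merge apart from any individual fix commit, and consider noting how the second reference (4a930de12fb67e88fefcb8822104152f42b27abc) relates to it, since both are tagged twisted-24.7.0rc1 and the entry does not say whether both are needed to fix this CVE.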



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d04a17ea8b1985876f6a5a27e0d1f44c4b0f95f
