[Git][security-tracker-team/security-tracker][master] Add CVE-2024-28102/python-jwcrypto
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 7 20:38:25 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f3cddc1f by Salvatore Bonaccorso at 2024-03-07T21:37:23+01:00
Add CVE-2024-28102/python-jwcrypto
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -85,7 +85,9 @@ CVE-2024-28111 (Canarytokens helps track activity and actions on a network. Cana
CVE-2024-28110 (Go SDK for CloudEvents is the official CloudEvents SDK to integrate ap ...)
TODO: check
CVE-2024-28102 (JWCrypto implements JWK, JWS, and JWE specifications using python-cryp ...)
- TODO: check
+ - python-jwcrypto <unfixed>
+ NOTE: https://github.com/latchset/jwcrypto/security/advisories/GHSA-j857-7rvv-vj97
+ NOTE: https://github.com/latchset/jwcrypto/commit/90477a3b6e73da69740e00b8161f53fea19b831f (v1.5.6)
CVE-2024-28101 (The Apollo Router is a graph router written in Rust to run a federated ...)
NOT-FOR-US: Apollo Router
CVE-2024-28097 (Calendar functionality in Schoolbox application before version 23.1.3 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3cddc1fcef83c220a8ec1aed2f870eac65fefbe
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3cddc1fcef83c220a8ec1aed2f870eac65fefbe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240307/98ed18e4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list