[Git][security-tracker-team/security-tracker][master] Add CVE-2024-22259/libspring-java
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 16 10:26:21 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a2277a69 by Salvatore Bonaccorso at 2024-03-16T11:25:15+01:00
Add CVE-2024-22259/libspring-java
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -41,7 +41,9 @@ CVE-2024-22513 (djangorestframework-simplejwt version 5.3.1 and before is vulner
- python-djangorestframework-simplejwt <unfixed>
NOTE: https://github.com/dmdhrumilmistry/CVEs/tree/main/CVE-2024-22513
CVE-2024-22259 (Applications that use UriComponentsBuilder in Spring Frameworkto parse ...)
- TODO: check
+ - libspring-java <unfixed> (unimportant)
+ NOTE: https://spring.io/security/cve-2024-22259
+ NOTE: Only supported for building applications shipped in Debian, see README.Debian.security
CVE-2024-1733 (The Word Replacer Pro plugin for WordPress is vulnerable to unauthoriz ...)
NOT-FOR-US: WordPress plugin
CVE-2024-1685 (The Social Media Share Buttons plugin for WordPress is vulnerable to P ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2277a693b180af1a6d9d9cda1cb8b1b7977ab8c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2277a693b180af1a6d9d9cda1cb8b1b7977ab8c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240316/91fd755a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list