[Git][security-tracker-team/security-tracker][master] Add CVE-2018-25100/libmojolicious-perl
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Mar 24 11:13:20 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1c7c5ffb by Salvatore Bonaccorso at 2024-03-24T12:12:45+01:00
Add CVE-2018-25100/libmojolicious-perl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,10 @@ CVE-2024-23755 (ClickUp Desktop before 3.3.77 on macOS and Windows allows code i
CVE-2020-36827 (The XAO::Web module before 1.84 for Perl mishandles < and > characters ...)
NOT-FOR-US: XAO::Web Perl module
CVE-2018-25100 (The Mojolicious module before 7.66 for Perl may leak cookies in certai ...)
- TODO: check
+ - libmojolicious-perl 7.71+dfsg-1
+ NOTE: https://github.com/mojolicious/mojo/pull/1192
+ NOTE: https://github.com/mojolicious/mojo/issues/1185
+ NOTE: https://github.com/mojolicious/mojo/commit/c16a56a9d6575ddc53d15e76d58f0ebcb0eeb149 (v7.66)
CVE-2024-XXXX [possibility to reset password for suspended accounts]
- anope 2.0.15-1
NOTE: https://github.com/anope/anope/commit/2b7872139c40ea5b0ca96c1d6595b7d5f9fa60a5 (2.0.15)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c7c5ffbee74770c2e344457a0d2131253c27bb4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c7c5ffbee74770c2e344457a0d2131253c27bb4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240324/2cd79b89/attachment.htm>
More information about the debian-security-tracker-commits
mailing list