[Git][security-tracker-team/security-tracker][master] Add CVE-2024-1968/python-scrapy
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue May 21 14:46:11 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d9f4731e by Salvatore Bonaccorso at 2024-05-21T15:45:33+02:00
Add CVE-2024-1968/python-scrapy
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -97,7 +97,12 @@ CVE-2024-24294 (A Prototype Pollution issue in Blackprint @blackprint/engine v.0
CVE-2024-24293 (A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 all ...)
TODO: check
CVE-2024-1968 (In scrapy/scrapy, an issue was identified where the Authorization head ...)
- TODO: check
+ - python-scrapy 2.11.2-1
+ NOTE: https://huntr.com/bounties/27f6a021-a891-446a-ada5-0226d619dd1a
+ NOTE: https://github.com/scrapy/scrapy/security/advisories/GHSA-4qqq-9vqf-3h3f
+ NOTE: https://github.com/scrapy/scrapy/commit/f8d6c456e0669ea5344e93fe9206bd1ffebc2008 (2.11.2)
+ NOTE: https://github.com/scrapy/scrapy/commit/6499214a4f6817e1845073bd167deb33ed5261af (2.11.2)
+ NOTE: https://github.com/scrapy/scrapy/commit/7a1ab7e1be2187daf047f3bf5ed8e9192751b145 (2.11.2)
CVE-2024-0401 (ASUS routers supporting custom OpenVPN profiles are vulnerable to a co ...)
NOT-FOR-US: ASUS
CVE-2023-49335 (Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injectio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9f4731ee9ad459bccd5dc14fdda10fa62ca1ce8
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9f4731ee9ad459bccd5dc14fdda10fa62ca1ce8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240521/b7caeef5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list