[Git][security-tracker-team/security-tracker][master] new python-pymysql issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed May 22 11:31:37 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
96c8f1ae by Moritz Muehlenhoff at 2024-05-22T12:31:00+02:00
new python-pymysql issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -435,7 +435,9 @@ CVE-2024-3268 (The YouTube Video Gallery by YouTube Showcase \u2013 Video Galler
CVE-2024-36052 (RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the s ...)
TODO: check
CVE-2024-36039 (PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON ...)
- TODO: check
+ - python-pymysql <unfixed>
+ NOTE: https://github.com/advisories/GHSA-v9hf-5j83-6xpp
+ NOTE: https://github.com/PyMySQL/PyMySQL/commit/521e40050cb386a499f68f483fefd144c493053c (v1.1.1)
CVE-2024-35386 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a den ...)
NOT-FOR-US: Cesenta MJS
CVE-2024-35385 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a den ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96c8f1aeef079f3787562ae0786b19a535ff260b
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96c8f1aeef079f3787562ae0786b19a535ff260b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240522/656b6e6f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list