[Git][security-tracker-team/security-tracker][master] - add clojure reference

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri May 24 15:54:00 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c3ca5cee by Moritz Muehlenhoff at 2024-05-24T16:52:52+02:00
- add clojure reference
- one cacti issue n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6525,10 +6525,9 @@ CVE-2024-31443 (Cacti provides an operational monitoring and fault management fr
 CVE-2024-31377 (Unrestricted Upload of File with Dangerous Type vulnerability in J.N.  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-30268 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <undetermined>
+	- cacti <not-affected> (Vulnerable code not present in 1.2, only affects 1.3)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q
 	NOTE: https://github.com/Cacti/cacti/commit/a38b9046e9772612fda847b46308f9391a49891e
-	TODO: check, might be only affecting 1.3.y
 CVE-2024-30259 (FastDDS is a C++ implementation of the DDS (Data Distribution Service) ...)
 	- fastdds 2.14.1+ds-1
 	NOTE: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-qcj9-939p-p662
@@ -29662,7 +29661,8 @@ CVE-2024-23302 (Couchbase Server before 7.2.4 has a private key leak in goxdcr.l
 CVE-2024-22983 (SQL injection vulnerability in Projectworlds Visitor Management System ...)
 	NOT-FOR-US: Projectworlds Visitor Management System
 CVE-2024-22871 (An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker  ...)
-	- clojure <undetermined>
+	- clojure <unfixed>
+	NOTE: https://github.com/advisories/GHSA-vr64-r9qj-h27f
 	NOTE: https://hackmd.io/@fe1w0/rymmJGida
 CVE-2024-22532 (Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x8 ...)
 	NOT-FOR-US: XNSoft NConvert



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3ca5cee4fae709cb1d13c07ad8ea3e805a63630

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3ca5cee4fae709cb1d13c07ad8ea3e805a63630
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240524/672da3ed/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list