[Git][security-tracker-team/security-tracker][master] Add CVE-2024-51058/tcpdf
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 26 21:03:51 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9132a8e5 by Salvatore Bonaccorso at 2024-11-26T22:03:31+01:00
Add CVE-2024-51058/tcpdf
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47,7 +47,8 @@ CVE-2024-52336 (A script injection vulnerability was identified in the Tuned pac
CVE-2024-52008 (Fides is an open-source privacy engineering platform. The user invite ...)
TODO: check
CVE-2024-51058 (Local File Inclusion (LFI) vulnerability has been discovered in TCPDF ...)
- TODO: check
+ - tcpdf <unfixed>
+ NOTE: https://github.com/tecnickcom/TCPDF/commit/bfa7d2b6d455ebf72ebe3d48fbd487ee5a1f6f3b (6.7.6)
CVE-2024-50377 (A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the ...)
TODO: check
CVE-2024-50376 (A CWE-79 "Improper Neutralization of Input During Web Page Generation ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9132a8e5dbbeeb8924ccab785c37c4a1e568e7fb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9132a8e5dbbeeb8924ccab785c37c4a1e568e7fb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241126/ec470db2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list