[Git][security-tracker-team/security-tracker][master] Add CVE-2024-47554/commons-io
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 4 21:47:59 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fbac533b by Salvatore Bonaccorso at 2024-10-04T22:47:27+02:00
Add CVE-2024-47554/commons-io
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -214,7 +214,8 @@ CVE-2024-47614 (async-graphql is a GraphQL server library implemented in Rust. a
CVE-2024-47561 (Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous vers ...)
NOT-FOR-US: Apache Avro
CVE-2024-47554 (Uncontrolled Resource Consumption vulnerability in Apache Commons IO. ...)
- TODO: check
+ - commons-io 2.16.0-1
+ NOTE: https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1
CVE-2024-45872 (Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x41 ...)
NOT-FOR-US: Bandisoft BandiView
CVE-2024-45871 (Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbac533b4ec5f73191c98cdfcf02ea8c2986ce19
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbac533b4ec5f73191c98cdfcf02ea8c2986ce19
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241004/b4b11cf0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list