[Git][security-tracker-team/security-tracker][master] Add CVE-2024-47554/commons-io

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Oct 4 21:47:59 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbac533b by Salvatore Bonaccorso at 2024-10-04T22:47:27+02:00
Add CVE-2024-47554/commons-io

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -214,7 +214,8 @@ CVE-2024-47614 (async-graphql is a GraphQL server library implemented in Rust. a
 CVE-2024-47561 (Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous vers ...)
 	NOT-FOR-US: Apache Avro
 CVE-2024-47554 (Uncontrolled Resource Consumption vulnerability in Apache Commons IO.  ...)
-	TODO: check
+	- commons-io 2.16.0-1
+	NOTE: https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1
 CVE-2024-45872 (Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x41 ...)
 	NOT-FOR-US: Bandisoft BandiView
 CVE-2024-45871 (Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbac533b4ec5f73191c98cdfcf02ea8c2986ce19

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbac533b4ec5f73191c98cdfcf02ea8c2986ce19
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241004/b4b11cf0/attachment.htm>


More information about the debian-security-tracker-commits mailing list