[Git][security-tracker-team/security-tracker][master] Add CVE-2024-47874/starlette

Wed Oct 16 14:16:50 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ba5cdac6 by Salvatore Bonaccorso at 2024-10-16T07:50:25+02:00
Add CVE-2024-47874/starlette

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -78,7 +78,9 @@ CVE-2024-47943 (The firmware upgrade function in the admin web interface of the
 CVE-2024-47876 (Sakai is a Collaboration and Learning Environment. Starting in version ...)
 	NOT-FOR-US: Sakai
 CVE-2024-47874 (Starlette is an Asynchronous Server Gateway Interface (ASGI) framework ...)
-	TODO: check
+	- starlette <unfixed>
+	NOTE: https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw
+	NOTE: https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733 (0.40.0)
 CVE-2024-47824 (matrix-react-sdk is react-based software development kit for inserting ...)
 	TODO: check
 CVE-2024-47779 (Element is a Matrix web client built using the Matrix React SDK .Eleme ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba5cdac6436767400470d91b628c00843812910d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba5cdac6436767400470d91b628c00843812910d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241016/718f2d43/attachment.htm>
