[Git][security-tracker-team/security-tracker][master] new golang-github-gomarkdown-markdown issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Oct 18 15:47:50 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2932a68e by Moritz Mühlenhoff at 2024-10-18T16:47:17+02:00
new golang-github-gomarkdown-markdown issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -932,7 +932,9 @@ CVE-2024-45272 (An unauthenticated remote attacker can perform a brute-force att
 CVE-2024-45271 (An unauthenticated local attacker can gain admin privileges by deployi ...)
 	NOT-FOR-US: MB connect line GmbH
 CVE-2024-44337 (The package `github.com/gomarkdown/markdown` is a Go library for parsi ...)
-	TODO: check
+	- golang-github-gomarkdown-markdown <unfixed>
+	NOTE: https://github.com/Brinmon/CVE-2024-44337
+	NOTE: https://github.com/gomarkdown/markdown/commit/a2a9c4f76ef5a5c32108e36f7c47f8d310322252
 CVE-2024-41344 (A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attac ...)
 	NOT-FOR-US: Codeigniter
 CVE-2024-35584 (SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.p ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2932a68eda27c00442ce7ff8d01065d957f11572

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2932a68eda27c00442ce7ff8d01065d957f11572
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241018/2d4594a6/attachment.htm>


More information about the debian-security-tracker-commits mailing list