[Git][security-tracker-team/security-tracker][master] new openrefine issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19ef499c by Moritz Muehlenhoff at 2024-10-25T15:23:26+02:00
new openrefine issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,9 @@ CVE-2024-50583 (Whale browser Installer before 3.1.0.0 allows an attacker to exe
 CVE-2024-49762 (Pterodactyl is a free, open-source game server management panel. When  ...)
 	NOT-FOR-US: Pterodactyl
 CVE-2024-49760 (OpenRefine is a free, open source tool for working with messy data. Th ...)
-	TODO: check
+	- openrefine <unfixed>
+	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-qfwq-6jh6-8xx4
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/24d084052dc55426fe460f2a17524fd18d28b20c
 CVE-2024-49750 (The Snowflake Connector for Python provides an interface for developin ...)
 	TODO: check
 CVE-2024-49359 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
@@ -41,17 +43,29 @@ CVE-2024-48870 (Sharp and Toshiba Tec MFPs improperly validate input data in URI
 CVE-2024-48208 (pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an  ...)
 	TODO: check
 CVE-2024-47883 (The OpenRefine fork of the MIT Simile Butterfly server is a modular we ...)
-	TODO: check
+	- openrefine-butterfly <unfixed>
+	NOTE: https://github.com/OpenRefine/simile-butterfly/security/advisories/GHSA-3p8v-w8mr-m3x8
+	NOTE: https://github.com/OpenRefine/simile-butterfly/commit/537f64bfa72746f8b21d4bda461fad843435319c
 CVE-2024-47882 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	TODO: check
+	- openrefine <unfixed>
+	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-j8hp-f2mj-586g
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/85594e75e7b36025f7b6a67dcd3ec253c5dff8c2
 CVE-2024-47881 (OpenRefine is a free, open source tool for working with messy data. St ...)
-	TODO: check
+	- openrefine <unfixed>
+	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-87cf-j763-vvh8
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/853a1d91662e7dc278a9a94a38be58de04494056
 CVE-2024-47880 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	TODO: check
+	- openrefine <unfixed>
+	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-79jv-5226-783f
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/8060477fa53842ebabf43b63e039745932fa629d
 CVE-2024-47879 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	TODO: check
+	- openrefine <unfixed>
+	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-3jm4-c6qf-jrh3
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/090924ca923489b6c94397cf1f5df7f7f78f0126
 CVE-2024-47878 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	TODO: check
+	- openrefine <unfixed>
+	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-pw3x-c5vp-mfc3
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/10bf0874d67f1018a58b3732332d76b840192fea
 CVE-2024-47801 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)
 	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-47549 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19ef499c9c72507607c27d2ce8b5c0ceb029bdd5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19ef499c9c72507607c27d2ce8b5c0ceb029bdd5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241025/2e0521ba/attachment.htm>