[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Oct 25 14:43:57 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8def8c33 by Moritz Muehlenhoff at 2024-10-25T15:43:36+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2024-50583 (Whale browser Installer before 3.1.0.0 allows an attacker to exe
 CVE-2024-49762 (Pterodactyl is a free, open-source game server management panel. When  ...)
 	NOT-FOR-US: Pterodactyl
 CVE-2024-49760 (OpenRefine is a free, open source tool for working with messy data. Th ...)
-	- openrefine <unfixed>
+	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-qfwq-6jh6-8xx4
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/24d084052dc55426fe460f2a17524fd18d28b20c
 CVE-2024-49750 (The Snowflake Connector for Python provides an interface for developin ...)
@@ -43,27 +43,27 @@ CVE-2024-48870 (Sharp and Toshiba Tec MFPs improperly validate input data in URI
 CVE-2024-48208 (pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an  ...)
 	TODO: seems bogus
 CVE-2024-47883 (The OpenRefine fork of the MIT Simile Butterfly server is a modular we ...)
-	- openrefine-butterfly <unfixed>
+	- openrefine-butterfly <unfixed> (bug #1086042)
 	NOTE: https://github.com/OpenRefine/simile-butterfly/security/advisories/GHSA-3p8v-w8mr-m3x8
 	NOTE: https://github.com/OpenRefine/simile-butterfly/commit/537f64bfa72746f8b21d4bda461fad843435319c
 CVE-2024-47882 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	- openrefine <unfixed>
+	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-j8hp-f2mj-586g
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/85594e75e7b36025f7b6a67dcd3ec253c5dff8c2
 CVE-2024-47881 (OpenRefine is a free, open source tool for working with messy data. St ...)
-	- openrefine <unfixed>
+	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-87cf-j763-vvh8
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/853a1d91662e7dc278a9a94a38be58de04494056
 CVE-2024-47880 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	- openrefine <unfixed>
+	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-79jv-5226-783f
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/8060477fa53842ebabf43b63e039745932fa629d
 CVE-2024-47879 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	- openrefine <unfixed>
+	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-3jm4-c6qf-jrh3
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/090924ca923489b6c94397cf1f5df7f7f78f0126
 CVE-2024-47878 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
-	- openrefine <unfixed>
+	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-pw3x-c5vp-mfc3
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/10bf0874d67f1018a58b3732332d76b840192fea
 CVE-2024-47801 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)
@@ -135,18 +135,18 @@ CVE-2024-10148 (The Awesome buttons plugin for WordPress is vulnerable to Stored
 CVE-2024-10011 (The BuddyPress plugin for WordPress is vulnerable to Directory Travers ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-48426 (A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Ex ...)
-	- assimp <unfixed>
+	- assimp <unfixed> (bug #1086043)
 	NOTE: https://github.com/assimp/assimp/issues/5789
 CVE-2024-48425 (A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMesh ...)
-	- assimp <unfixed>
+	- assimp <unfixed> (bug #1086043)
 	NOTE: https://github.com/assimp/assimp/issues/5791
 	NOTE: https://github.com/assimp/assimp/commit/ecdf8d24b85367b22ba353b4f82299d4af7f1f97
 	NOTE: https://github.com/assimp/assimp/pull/5799
 CVE-2024-48424 (A heap-buffer-overflow vulnerability has been identified in the OpenDD ...)
-	- assimp <unfixed>
+	- assimp <unfixed> (bug #1086045)
 	NOTE: https://github.com/assimp/assimp/issues/5787
 CVE-2024-48423 (An issue in assimp v.5.4.3 allows a local attacker to execute arbitrar ...)
-	- assimp <unfixed>
+	- assimp <unfixed> (bug #1086046)
 	NOTE: https://github.com/assimp/assimp/issues/5788
 CVE-2024-9692 (VIMESA VHF/FM Transmitter Blue Plus is suffering from a Denial-of-Serv ...)
 	NOT-FOR-US: VIMESA VHF/FM Transmitter Blue Plus



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8def8c3387548788f24a18dcafdb38fe79749484

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8def8c3387548788f24a18dcafdb38fe79749484
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241025/454891f7/attachment.htm>

More information about the debian-security-tracker-commits mailing list