[Git][security-tracker-team/security-tracker][master] Add CVE-2024-45508/htmldoc

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 2 16:50:03 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7006467 by Salvatore Bonaccorso at 2024-09-02T17:49:11+02:00
Add CVE-2024-45508/htmldoc

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,7 +21,9 @@ CVE-2024-45522 (Linen before cd37c3e does not verify that the domain is linen.de
 CVE-2024-45509 (In MISP through 2.4.196, app/Controller/BookmarksController.php does n ...)
 	NOT-FOR-US: MISP
 CVE-2024-45508 (HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ...)
-	TODO: check
+	- htmldoc <unfixed>
+	NOTE: https://github.com/michaelrsweet/htmldoc/issues/528
+	NOTE: https://github.com/michaelrsweet/htmldoc/commit/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2
 CVE-2024-45270 (WordPress plugin "Carousel Slider" provided by Sayful Islam contains a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-45269 (WordPress plugin "Carousel Slider" provided by Sayful Islam contains a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d70064679d0e8890bcc9f468ef59bc725ab22b93

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d70064679d0e8890bcc9f468ef59bc725ab22b93
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240902/883ed3b0/attachment.htm>


More information about the debian-security-tracker-commits mailing list