[Git][security-tracker-team/security-tracker][master] new node-body-parser issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Sep 12 09:11:52 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d137199e by Moritz Muehlenhoff at 2024-09-12T10:11:27+02:00
new node-body-parser issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -356,7 +356,9 @@ CVE-2024-45592 (auditor-bundle, formerly known as DoctrineAuditBundle, integrate
CVE-2024-45591 (XWiki Platform is a generic wiki platform. The REST API exposes the hi ...)
NOT-FOR-US: XWiki
CVE-2024-45590 (body-parser is Node.js body parsing middleware. body-parser <1.20.3 is ...)
- TODO: check
+ - node-body-parser <unfixed>
+ NOTE: https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7
+ NOTE: https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce (1.20.3)
CVE-2024-45412 (Yeti bridges the gap between CTI and DFIR practitioners by providing a ...)
TODO: check
CVE-2024-45409 (The Ruby SAML library is for implementing the client side of a SAML au ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d137199e067f5462b50ccf83d8464b0c6d3af02d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d137199e067f5462b50ccf83d8464b0c6d3af02d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240912/75ab9c1d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list