[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Sep 13 19:08:35 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d095ecba by Moritz Muehlenhoff at 2024-09-13T20:07:55+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -369,7 +369,7 @@ CVE-2024-45824 (CVE-2024-45824 IMPACT    A remote code vulnerability exists in t
 CVE-2024-45823 (CVE-2024-45823 IMPACT    An authentication bypass vulnerability exists ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2024-45624 (Exposure of sensitive information due to incompatible policies issue e ...)
-	- pgpool2 <unfixed>
+	- pgpool2 <unfixed> (bug #1081659)
 	NOTE: https://www.pgpool.net/mediawiki/index.php/Main_Page#Pgpool-II_4.5.4.2C_4.4.9.2C_4.3.12.2C_4.2.19_and_4.1.22_officially_released_.282024.2F09.2F09.29
 CVE-2024-45607 (whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official AP ...)
 	NOT-FOR-US: whatsapp-api-js
@@ -808,7 +808,7 @@ CVE-2024-45592 (auditor-bundle, formerly known as DoctrineAuditBundle, integrate
 CVE-2024-45591 (XWiki Platform is a generic wiki platform. The REST API exposes the hi ...)
 	NOT-FOR-US: XWiki
 CVE-2024-45590 (body-parser is Node.js body parsing middleware. body-parser <1.20.3 is ...)
-	- node-body-parser <unfixed>
+	- node-body-parser <unfixed> (bug #1081657)
 	NOTE: https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7
 	NOTE: https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce (1.20.3)
 CVE-2024-45412 (Yeti bridges the gap between CTI and DFIR practitioners by providing a ...)
@@ -1264,7 +1264,7 @@ CVE-2024-45411 (Twig is a template language for PHP. Under some circumstances, t
 CVE-2024-45406 (Craft is a content management system (CMS). Craft CMS 5 stored XSS can ...)
 	NOT-FOR-US: Craft CMS
 CVE-2024-45296 (path-to-regexp turns path strings into a regular expressions. In certa ...)
-	- node-path-to-regexp <unfixed>
+	- node-path-to-regexp <unfixed> (bug #1081656)
 	NOTE: https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j
 	NOTE: https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6 (v8.0.0)
 CVE-2024-45041 (External Secrets Operator is a Kubernetes operator that integrates ext ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d095ecba274f893cc2b38866718d3688d56fd664

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d095ecba274f893cc2b38866718d3688d56fd664
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240913/35239c39/attachment.htm>

More information about the debian-security-tracker-commits mailing list