[Git][security-tracker-team/security-tracker][master] CVE-2024-6531

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c00f50ea by Bastien Roucariès at 2025-04-13T14:38:41+02:00
CVE-2024-6531

This is the same kind of vulnerability then CVE-2024-6484

Add patch from salsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79490,6 +79490,8 @@ CVE-2024-6531 (A vulnerability has been identified in Bootstrap that exposes use
 	[bullseye] - twitter-bootstrap4 <postponed> (Minor issue, revisit when freely-licensed fix is available)
 	- twitter-bootstrap3 <not-affected> (Only affects 4.x)
 	NOTE: https://www.herodevs.com/vulnerability-directory/cve-2024-6531
+	NOTE: related to CVE-2024-6484/twitter-bootstrap3
+	NOTE: Fixed by https://salsa.debian.org/js-team/twitter-bootstrap4/-/blob/1925007041cf88bde02af23c9507ad9e7426e362/debian/patches/0003-CVE-2024-6531.patch
 CVE-2024-6528 (CWE-79: Improper Neutralization of Input During Web Page Generation (' ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2024-6485 (A security vulnerability has been discovered in bootstrap that could e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c00f50eafbd38212d91c0fa771419aa8030b4dcf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c00f50eafbd38212d91c0fa771419aa8030b4dcf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250413/128afacb/attachment.htm>