[Git][security-tracker-team/security-tracker][master] CVE-2024-57004,roundcube: link to upstream issue

Markus Koschany (@apo) apo at debian.org
Sat Feb 8 09:40:45 GMT 2025



Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4239c4f6 by Markus Koschany at 2025-02-08T10:39:39+01:00
CVE-2024-57004,roundcube: link to upstream issue

I couldn't find any details about the CVE, so I opened an issue.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1340,7 +1340,7 @@ CVE-2024-57097 (ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in clas
 	NOT-FOR-US: ClassCMS
 CVE-2024-57004 (Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 al ...)
 	- roundcube <unfixed>
-	TODO: check details
+	NOTE: https://github.com/roundcube/roundcubemail/issues/9767
 CVE-2024-56946 (Denial of service in DNS-over-QUIC in Technitium DNS Server <= v13.2.2 ...)
 	TODO: check
 CVE-2024-56921 (An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registrat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4239c4f64a46f65dd7d9609b1e143f3f94ee0c4b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4239c4f64a46f65dd7d9609b1e143f3f94ee0c4b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250208/e148d591/attachment.htm>


More information about the debian-security-tracker-commits mailing list