[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-52012
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jan 26 14:06:31 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
64da4a1f by Salvatore Bonaccorso at 2025-01-26T15:06:03+01:00
Update status for CVE-2024-52012
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21700,8 +21700,9 @@ CVE-2024-52297 (Tolgee is an open-source localization platform. Tolgee 3.81.1 in
CVE-2024-52296 (libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised D ...)
NOT-FOR-US: libosdp
CVE-2024-52012
- - lucene-solr <unfixed>
- TODO: check
+ - lucene-solr <not-affected> (Issue only affects Apache Solr running on Windows)
+ NOTE: https://solr.apache.org/security.html#cve-2024-52012-apache-solr-configset-upload-on-windows-allows-arbitrary-path-write-access
+ NOTE: https://www.openwall.com/lists/oss-security/2025/01/26/2
CVE-2024-52010 (Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A ...)
NOT-FOR-US: Zoraxy
CVE-2024-51750 (Element is a Matrix web client built using the Matrix React SDK. A mal ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64da4a1f86603ed7938afac5e128abaac3e836f9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64da4a1f86603ed7938afac5e128abaac3e836f9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250126/e7c63d8c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list