[Git][security-tracker-team/security-tracker][master] Track fixed version for cacti issues fixed via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 30 05:08:49 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
825301cd by Salvatore Bonaccorso at 2025-01-30T06:08:12+01:00
Track fixed version for cacti issues fixed via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -576,11 +576,11 @@ CVE-2025-24537 (Cross-Site Request Forgery (CSRF) vulnerability in The Events Ca
 CVE-2025-24533 (Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-24368 (Cacti is an open source performance and fault management framework. So ...)
-	- cacti <unfixed> (bug #1094574)
+	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-f9c7-7rc3-574c
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
 CVE-2025-24367 (Cacti is an open source performance and fault management framework. An ...)
-	- cacti <unfixed> (bug #1094574)
+	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
 CVE-2025-24365 (vaultwarden is an unofficial Bitwarden compatible server written in Ru ...)
@@ -618,7 +618,7 @@ CVE-2025-23457 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-23197 (matrix-hookshot is a Matrix bot for connecting to external services li ...)
 	NOT-FOR-US: matrix-hookshot
 CVE-2025-22604 (Cacti is an open source performance and fault management framework. Du ...)
-	- cacti <unfixed> (bug #1094574)
+	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
 CVE-2025-22513 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -698,11 +698,11 @@ CVE-2024-55228 (A cross-site scripting (XSS) vulnerability in the Product module
 CVE-2024-55227 (A cross-site scripting (XSS) vulnerability in the Events/Agenda module ...)
 	- dolibarr <removed>
 CVE-2024-54146 (Cacti is an open source performance and fault management framework. Ca ...)
-	- cacti <unfixed> (bug #1094574)
+	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-vj9g-p7f2-4wqj
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
 CVE-2024-54145 (Cacti is an open source performance and fault management framework. Ca ...)
-	- cacti <unfixed> (bug #1094574)
+	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-fh3x-69rr-qqpp
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
 CVE-2024-48841 (Network access can be used to execute arbitrary code with elevated pri ...)
@@ -718,7 +718,7 @@ CVE-2024-48417 (Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnera
 CVE-2024-48416 (Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to ...)
 	NOT-FOR-US: Edimax
 CVE-2024-45598 (Cacti is an open source performance and fault management framework. Pr ...)
-	- cacti <unfixed> (bug #1094574)
+	- cacti 1.2.28+ds1-4 (bug #1094574)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-pv2c-97pp-vxwg
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/eca52c6bb3e76c55d66b1040baa6dbf37471a0ae



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/825301cde605451d3d92515280cb7c89c897f076

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/825301cde605451d3d92515280cb7c89c897f076
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250130/479b4c5b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list