[Git][security-tracker-team/security-tracker][master] CVE-2024-58265/rust-snow assigned

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 28 18:31:59 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f58f993a by Salvatore Bonaccorso at 2025-07-28T19:31:12+02:00
CVE-2024-58265/rust-snow assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -151,8 +151,6 @@ CVE-2025-8242 (A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.11
 	NOT-FOR-US: TOTOLINK
 CVE-2025-8241 (A vulnerability, which was classified as critical, was found in 1000 P ...)
 	NOT-FOR-US: 1000 Projects ABC Courier Management System
-CVE-2024-58265 (The snow crate before 0.9.5 for Rust, when stateful TransportState is  ...)
-	TODO: check
 CVE-2024-58264 (The serde-json-wasm crate before 1.0.1 for Rust allows stack consumpti ...)
 	TODO: check
 CVE-2023-53161 (The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds a ...)
@@ -161944,7 +161942,7 @@ CVE-2023-37527 (A reflected cross-site scripting (XSS) vulnerability in the Web
 	NOT-FOR-US: HCL
 CVE-2023-32967 (An incorrect authorization vulnerability has been reported to affect s ...)
 	NOT-FOR-US: QNAP
-CVE-2024-XXXX [GHSA-7g9j-g5jg-3vv3: Unauthenticated Nonce Increment in snow]
+CVE-2024-58265 [GHSA-7g9j-g5jg-3vv3: Unauthenticated Nonce Increment in snow]
 	- rust-snow 0.9.6-1 (bug #1062663)
 	NOTE: https://github.com/mcginty/snow/security/advisories/GHSA-7g9j-g5jg-3vv3
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0011.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f58f993abc6245e7821eb33daa7c43a2e9584dc3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f58f993abc6245e7821eb33daa7c43a2e9584dc3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250728/92a0033b/attachment.htm>

More information about the debian-security-tracker-commits mailing list