[Git][security-tracker-team/security-tracker][master] CVE-2024-8372

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d22936c by Bastien Roucariès at 2025-06-07T21:52:51+02:00
CVE-2024-8372

Add original bug report

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -82896,7 +82896,8 @@ CVE-2024-8372 (Improper sanitization of the value of the 'srcset' attribute in A
 	[trixie] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - angular.js <postponed> (Minor issue)
-	NOTE: https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017
+	NOTE: https://www.herodevs.com/vulnerability-directory/cve-2024-8372
+	NOTE: PoC: https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017
 CVE-2024-8042 (Rapid7 Insight Platform versions between November 2019 and August 14,  ...)
 	NOT-FOR-US: Rapid7 Insight Platform
 CVE-2024-7341 (A session fixation issue was discovered in the SAML adapters provided  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d22936ce019ca9d1ad239353933b9c371bb52b2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d22936ce019ca9d1ad239353933b9c371bb52b2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250607/5de3a083/attachment.htm>