[Git][security-tracker-team/security-tracker][master] Update CVE-2024-6866
Daniel Leidert (@dleidert)
dleidert at debian.org
Sat May 31 02:36:49 BST 2025
Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker
Commits:
920fd054 by Daniel Leidert at 2025-05-31T03:36:12+02:00
Update CVE-2024-6866
Add patch links.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23951,8 +23951,11 @@ CVE-2024-6982 (A remote code execution vulnerability exists in the Calculate fun
NOT-FOR-US: parisneo/lollms
CVE-2024-6866 (corydolphin/flask-cors version 4.01 contains a vulnerability where the ...)
- python-flask-cors 6.0.0-1 (bug #1100988)
- [bookworm] - python-flask-cors <postponed> (Minor issue, revisit when fixed upstream)
+ [bookworm] - python-flask-cors <postponed> (Minor issue)
+ [bullseye] - python-flask-cors <postponed> (Minor issue)
NOTE: https://huntr.com/bounties/808c11af-faee-43a8-824b-b5ab4f62b9e6
+ NOTE: https://github.com/advisories/GHSA-43qf-4rqw-9q2g
+ NOTE: Fixed by: https://github.com/corydolphin/flask-cors/commit/eb39516a3c96b90d0ae5f51293972395ec3ef358 (6.0.0)
CVE-2024-6863 (In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom Encryptio ...)
NOT-FOR-US: h2oai/h2o-3
CVE-2024-6854 (In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920fd0540bdd6de001a07ced28e7a7e6b9577533
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920fd0540bdd6de001a07ced28e7a7e6b9577533
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250531/061f82a1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list