[Git][security-tracker-team/security-tracker][master] Update notes for CVE-2024-7319
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 27 15:55:49 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7f61c275 by Salvatore Bonaccorso at 2025-11-27T16:55:20+01:00
Update notes for CVE-2024-7319
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -148143,6 +148143,9 @@ CVE-2024-7319 (An incomplete fix for CVE-2023-1625 was found in openstack-heat.
[bullseye] - heat <not-affected> (Incomplete fix for CVE-2023-1625 not applied)
NOTE: https://storyboard.openstack.org/#!/story/2011007
NOTE: Negligible security impact
+ NOTE: Requires the 'Abandon' feature to be enabled (disabled by default) and a fix
+ NOTE: would break the 'Adopt' feature. Issue can be fixed by dropping completely
+ NOTE: the abandon and adopt code.
CVE-2024-7291 (The JetFormBuilder plugin for WordPress is vulnerable to privilege esc ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6477 (The UsersWP WordPress plugin before 1.2.12 uses predictable filenames ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f61c275ebcad9d8da890ff87a632267487c1a89
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f61c275ebcad9d8da890ff87a632267487c1a89
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251127/bd8102bf/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list