[Git][security-tracker-team/security-tracker][master] Add CVE-2024-31573/xmlunit
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 17 22:17:53 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b4f4abb5 by Salvatore Bonaccorso at 2025-10-17T23:17:23+02:00
Add CVE-2024-31573/xmlunit
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,7 +101,10 @@ CVE-2025-11902 (A vulnerability was detected in yanyutao0402 ChanCMS up to 3.3.2
CVE-2025-11895 (The Binary MLM Plan plugin for WordPress is vulnerable to insecure dir ...)
NOT-FOR-US: WordPress plugin
CVE-2024-31573 (XMLUnit for Java before 2.10.0, in the default configuration, might al ...)
- TODO: check
+ - xmlunit <not-affected> (Vulnerable code not present)
+ NOTE: https://github.com/advisories/GHSA-chfm-68vv-pvw5
+ NOTE: https://github.com/xmlunit/xmlunit/issues/264
+ NOTE: https://github.com/xmlunit/xmlunit/commit/b81d48b71dfd2868bdfc30a3e17ff973f32bc15b (v2.10.0)
CVE-2025-6950 (An Use of Hard-coded Credentials vulnerability has been identified in ...)
NOT-FOR-US: Moxa
CVE-2025-6949 (An Execution with Unnecessary Privileges vulnerability has been identi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4f4abb5079b6b52a395442ee2f0274d466fd3de
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4f4abb5079b6b52a395442ee2f0274d466fd3de
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251017/e550e034/attachment.htm>
More information about the debian-security-tracker-commits
mailing list