[Git][security-tracker-team/security-tracker][master] CVE-2024-13009/jetty-9
Bastien Roucariès (@rouca)
rouca at debian.org
Sat Oct 25 23:16:46 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ebfbe307 by Bastien Roucariès at 2025-10-26T00:16:17+02:00
CVE-2024-13009/jetty-9
Add pull request and commit fixing
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55577,6 +55577,8 @@ CVE-2024-13009 (In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorr
- jetty <not-affected> (Only affects 9.x)
NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5
NOTE: https://gitlab.eclipse.org/security/cve-assignement/-/issues/48
+ NOTE: Fixed by commit https://github.com/jetty/jetty.project/commit/e3fa9466633db6bf36e0eb0d17e3de166c788ede (jetty-9.4.57.v20241219)
+ NOTE: Pull request https://github.com/jetty/jetty.project/pull/12648 (jetty-9.4.57.v20241219)
CVE-2024-12378 (On affected platforms running Arista EOS with secure Vxlan configured, ...)
NOT-FOR-US: Arista Networks
CVE-2024-11186 (On affected versions of the CloudVision Portal, improper access contro ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebfbe30763de3e7c33ea3ccd45b91e9345217d7c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebfbe30763de3e7c33ea3ccd45b91e9345217d7c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251025/ec59b6cf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list