[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-43363 and CVE-2025-24367

Sun, 09 Feb 2025 05:54:16 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
019af0d2 by Salvatore Bonaccorso at 2025-02-09T14:53:40+01:00
Update status for CVE-2024-43363 and CVE-2025-24367

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2873,9 +2873,10 @@ CVE-2025-24368 (Cacti is an open source performance and 
fault management framewo
        NOTE: Frontend regression: https://github.com/Cacti/cacti/issues/6090
        NOTE: Frontend fix optional: 
https://github.com/Cacti/cacti/pull/6094#issuecomment-2643321503
 CVE-2025-24367 (Cacti is an open source performance and fault management 
framework. An ...)
-       - cacti 1.2.28+ds1-4 (bug #1094574)
+       - cacti 1.2.28+ds1-4 (bug #1094574; unimportant)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq
        NOTE: Fixed by: 
https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
+       NOTE: Negligible security impact as exploitability depends on writable 
web root for cacto
 CVE-2025-24365 (vaultwarden is an unofficial Bitwarden compatible server 
written in Ru ...)
        - vaultwarden <itp> (bug #1067023)
 CVE-2025-24364 (vaultwarden is an unofficial Bitwarden compatible server 
written in Ru ...)
@@ -36339,9 +36340,10 @@ CVE-2024-43364 (Cacti is an open source performance 
and fault management framewo
        NOTE: Fixed by: 
https://github.com/Cacti/cacti/commit/e03f605dca8da56ecc7d321103a5842cd32007b0 
(release/1.2.28)
        NOTE: Fixed by: 
https://github.com/Cacti/cacti/commit/059d107fade96cde3743f1e2d444ce52beb92321 
(release/1.2.28)
 CVE-2024-43363 (Cacti is an open source performance and fault management 
framework. An ...)
-       - cacti 1.2.28+ds1-1
+       - cacti 1.2.28+ds1-1 (unimportant)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4
        NOTE: Fixed by: 
https://github.com/Cacti/cacti/commit/3adc71a2b97506bf26c21935e1e6f30d58fe88e3 
(release/1.2.28)
+       NOTE: Negligible security impact as exploitability depends on writable 
web root for cacto
 CVE-2024-43362 (Cacti is an open source performance and fault management 
framework. Th ...)
        - cacti 1.2.28+ds1-1
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/019af0d262f1398798d02ab6c077526e31fd4faf

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/019af0d262f1398798d02ab6c077526e31fd4faf
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to