[Git][security-tracker-team/security-tracker][master] Update CVE-2024-6221

Fri, 30 May 2025 18:39:59 -0700 


Daniel Leidert pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
70a29631 by Daniel Leidert at 2025-05-31T03:38:42+02:00
Update CVE-2024-6221

The vulnerability doesn't affect versions before 3.1.01. Also, there was a
follow-up change that is already included in version 5.0.0. Add the patch link
for documentation purposes only.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -85445,12 +85445,13 @@ CVE-2024-7904 (A vulnerability was found in DedeBIZ 
6.3.0. It has been rated as
        NOT-FOR-US: DedeBIZ
 CVE-2024-6221 (A vulnerability in corydolphin/flask-cors version 4.0.1 allows 
the `Ac ...)
        - python-flask-cors 5.0.0-1 (bug #1081300)
-       [bookworm] - python-flask-cors <postponed> (Minor issue, revisit when 
fixed upstream)
-       [bullseye] - python-flask-cors <postponed> (Minor issue)
+       [bookworm] - python-flask-cors <not-affected> (Vulnerable code 
introduced in 3.1.01)
+       [bullseye] - python-flask-cors <not-affected> (Vulnerable code 
introduced in 3.1.01)
        NOTE: https://huntr.com/bounties/a42935fc-6f57-4818-bca4-3d528235df4d
        NOTE: https://github.com/corydolphin/flask-cors/issues/337
        NOTE: https://github.com/advisories/GHSA-hxwh-jpp2-84pm
        NOTE: 
https://github.com/corydolphin/flask-cors/commit/7ae310c56ac30e0b94fb42129aa377bf633256ec
 (4.0.2)
+       NOTE: 
https://github.com/corydolphin/flask-cors/commit/c8514760cf03fcce16d77f6db7007aad429c4548
 (5.0.0, follow-up)
 CVE-2024-43353 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-43352 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70a29631d6b50f87c2c91f249cb5842d58ad8d67

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70a29631d6b50f87c2c91f249cb5842d58ad8d67
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to