diff options
| author | Hiroki Tagato <tagattie@FreeBSD.org> | 2024-03-29 07:52:06 +0000 |
|---|---|---|
| committer | Hiroki Tagato <tagattie@FreeBSD.org> | 2024-03-29 07:52:06 +0000 |
| commit | 5f4e7738d6cb590ac1cff08324f6d282b51bb9e9 (patch) | |
| tree | 1275580c0d1e0cbbadfb230c3abb1229a1dc9df4 | |
| parent | 251f26e103bd930839bb454ab91ed6b450c8156d (diff) | |
| download | ports-5f4e7738d6cb590ac1cff08324f6d282b51bb9e9.tar.gz ports-5f4e7738d6cb590ac1cff08324f6d282b51bb9e9.zip | |
security/vuxml: document electron{27,28} object lifecycle issue in V8
Obtained from: https://github.com/electron/electron/releases/tag/v27.3.8,
https://github.com/electron/electron/releases/tag/v28.2.9
| -rw-r--r-- | security/vuxml/vuln/2024.xml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml index d47dea5c6d85..ee4064fe2bc9 100644 --- a/security/vuxml/vuln/2024.xml +++ b/security/vuxml/vuln/2024.xml @@ -1,3 +1,36 @@ + <vuln vid="bdcd041e-5811-4da3-9243-573a9890fdb1"> + <topic>electron{27,28} -- Object lifecycle issue in V8</topic> + <affects> + <package> + <name>electron27</name> + <range><lt>27.3.8</lt></range> + </package> + <package> + <name>electron28</name> + <range><lt>28.2.9</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Electron developers report:</p> + <blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.8"> + <p>This update fixes the following vulnerability:</p> + <ul> + <li>Security: backported fix for CVE-2024-2625.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2024-2625</cvename> + <url>https://github.com/advisories/GHSA-j7h3-fcrw-g6j8</url> + </references> + <dates> + <discovery>2024-03-28</discovery> + <entry>2024-03-29</entry> + </dates> + </vuln> + <vuln vid="d2992bc2-ed18-11ee-96dc-001b217b3468"> <topic>Gitlab -- vulnerabilities</topic> <affects> |