Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
701fab4b by Moritz Muehlenhoff at 2024-01-23T11:47:30+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,45 +15,45 @@ CVE-2024-23342 (The `ecdsa` PyPI package is a pure Python
implementation of ECC
NOTE:
https://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mp
NOTE: https://minerva.crocs.fi.muni.cz/
CVE-2024-23340 (@hono/node-server is an adapter that allows users to run Hono
applicat ...)
- TODO: check
+ NOT-FOR-US: Hono
CVE-2024-23339 (hoolock is a suite of lightweight utilities designed to
maintain a sma ...)
- TODO: check
+ NOT-FOR-US: hoolock
CVE-2024-23224 (The issue was addressed with improved checks. This issue is
fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23223 (A privacy issue was addressed with improved handling of files.
This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23222 (A type confusion issue was addressed with improved checks.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23219 (The issue was addressed with improved authentication. This
issue is fi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23218 (A timing side-channel issue was addressed with improvements to
constan ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23217 (A privacy issue was addressed with improved handling of
temporary file ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23215 (An issue was addressed with improved handling of temporary
files. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23214 (Multiple memory corruption issues were addressed with improved
memory ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23213 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23212 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23211 (A privacy issue was addressed with improved handling of user
preferenc ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23210 (This issue was addressed with improved redaction of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23209 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23208 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23207 (This issue was addressed with improved redaction of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23206 (An access issue was addressed with improved access
restrictions. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23204 (The issue was addressed with additional permissions checks.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23203 (The issue was addressed with additional permissions checks.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-22772 (Improper Input Validation in Hitron Systems DVR LGUVR-8H
1.02~4.02 all ...)
NOT-FOR-US: Hitron Systems DVR LGUVR-8H
CVE-2024-22771 (Improper Input Validation in Hitron Systems DVR LGUVR-4H
1.02~4.02 all ...)
@@ -69,19 +69,19 @@ CVE-2024-0587 (The AMP for WP \u2013 Accelerated Mobile
Pages plugin for WordPre
CVE-2023-47141 (IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 11. ...)
NOT-FOR-US: IBM
CVE-2023-42937 (A privacy issue was addressed with improved private data
redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42935 (An authentication issue was addressed with improved state
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42915 (Multiple issues were addressed by updating to curl version
8.4.0. This ...)
- TODO: check
+ NOT-FOR-US: Apple (bundling curl)
CVE-2023-42888 (The issue was addressed with improved checks. This issue is
fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42887 (An access issue was addressed with additional sandbox
restrictions. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42881 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-40528 (This issue was addressed by removing the vulnerable code. This
issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-22895 (DedeCMS 5.7.112 has a File Upload vulnerability via
uploads/dede/modul ...)
NOT-FOR-US: DedeCMS
CVE-2024-22233 (In Spring Framework versions 6.0.15 and 6.1.2, it is possible
for a us ...)
@@ -218,7 +218,7 @@ CVE-2016-15037 (A vulnerability, which was classified as
problematic, has been f
CVE-2023-7063 (The WPForms Pro plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
NOT-FOR-US: WordPress plugin
CVE-2024-23689 (Exposure of sensitive information in exceptions in
ClichHouse's clickh ...)
- TODO: check
+ NOT-FOR-US: clickhouse-r2dbc
CVE-2024-23688 (Consensys Discovery versions less than 0.4.5 uses the same
AES/GCM non ...)
NOT-FOR-US: Consensys Discovery
CVE-2024-23687 (Hard-coded credentials in FOLIO mod-data-export-spring
versions before ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/701fab4b069d369fa4be51ce74ec78e9ffe12b05
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/701fab4b069d369fa4be51ce74ec78e9ffe12b05
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
