Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4f271358 by Moritz Muehlenhoff at 2024-02-23T09:38:16+01:00
NFUs

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,32 @@ +CVE-2024-23807 + NOTE: No change CVE assignment to clarify affected versions for CVE-2018-1311 + NOTE: Debian was already correct CVE-2024-26445 (flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forge ...) - TODO: check + NOT-FOR-US: flusity-CMS CVE-2024-26352 (flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forge ...) - TODO: check + NOT-FOR-US: flusity-CMS CVE-2024-26351 (flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forge ...) - TODO: check + NOT-FOR-US: flusity-CMS CVE-2024-26350 (flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forge ...) - TODO: check + NOT-FOR-US: flusity-CMS CVE-2024-26349 (flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forge ...) - TODO: check + NOT-FOR-US: flusity-CMS CVE-2024-26287 REJECTED CVE-2024-26284 (Utilizing a 302 redirect, an attacker could have conducted a Universal ...) - TODO: check + NOT-FOR-US: Mozilla Firefox Focus CVE-2024-26283 (An attacker could have executed unauthorized scripts on top origin sit ...) - TODO: check + - firefox <not-affected> (iOS-specific) CVE-2024-26282 (Using an AMP url with a canonical element, an attacker could have exec ...) - TODO: check + - firefox <not-affected> (iOS-specific) CVE-2024-26281 (Upon scanning a JavaScript URI with the QR code scanner, an attacker c ...) - TODO: check + - firefox <not-affected> (iOS-specific) CVE-2024-26152 (### Summary On all Label Studio versions prior to 1.11.0, data importe ...) - TODO: check + - label-studio <itp> (bug #1026232) CVE-2024-26151 (The `mjml` PyPI package, found at the `FelixSchwarz/mjml-python` GitHu ...) - TODO: check + NOT-FOR-US: mjml Python package CVE-2024-26128 (baserCMS is a website development framework. Prior to version 5.0.9, t ...) - TODO: check + NOT-FOR-US: baserCMS CVE-2024-25876 (A cross-site scripting (XSS) vulnerability in the Header module of Enh ...) 
TODO: check CVE-2024-25875 (A cross-site scripting (XSS) vulnerability in the Header module of Enh ...) @@ -287,17 +290,17 @@ CVE-2024-0903 (The User Feedback \u2013 Create Interactive Feedback Form, User S CVE-2024-0446 (A maliciously crafted STP, CATPART or MODEL file when parsed in ASMKER ...) NOT-FOR-US: Autodesk CVE-2023-52155 (A SQL Injection vulnerability in /admin/sauvegarde/run.php in PMB 7.4. ...) - TODO: check + NOT-FOR-US: PMB CVE-2023-52154 (File Upload vulnerability in pmb/camera_upload.php in PMB 7.4.7 and ea ...) - TODO: check + NOT-FOR-US: PMB CVE-2023-52153 (A SQL Injection vulnerability in /pmb/opac_css/includes/sessions.inc.p ...) - TODO: check + NOT-FOR-US: PMB CVE-2023-51828 (A SQL Injection vulnerability in /admin/convert/export.class.php in PM ...) - TODO: check + NOT-FOR-US: PMB CVE-2023-38844 (SQL injection vulnerability in PMB v.7.4.7 and earlier allows a remote ...) - TODO: check + NOT-FOR-US: PMB CVE-2023-37177 (SQL Injection vulnerability in PMB Services PMB v.7.4.7 and before all ...) - TODO: check + NOT-FOR-US: PMB CVE-2024-26147 (Helm is a package manager for Charts for Kubernetes. Versions prior to ...) - helm-kubernetes <itp> (bug #910799) CVE-2024-1726 
@@ -341,7 +344,7 @@ CVE-2024-25892 (ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Inj CVE-2024-25891 (ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection ( ...) NOT-FOR-US: ChurchCRM CVE-2024-25461 (Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM ...) - TODO: check + NOT-FOR-US: Terrasoft CRM CVE-2024-25381 (There is a Stored XSS Vulnerability in Emlog Pro 2.2.8 Article Publish ...) NOT-FOR-US: Emlog Pro CVE-2024-25288 (SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerab ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f2713588148776f18a0ba83251ba7c030dc0ddf
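Review bot: In the first hunk, the new CVE-2024-23807 entry carries only two NOTE lines and no package line or NOT-FOR-US line, so nothing in the entry ties it to a source package even though the note points at CVE-2018-1311. Consider adding a package line matching the one CVE-2018-1311 uses, so the entry has an explicit disposition, and rewording "No change CVE assignment to clarify affected versions", which can be read more than one way. In the same hunk, CVE-2024-26284 becomes "NOT-FOR-US: Mozilla Firefox Focus" while CVE-2024-26281 through CVE-2024-26283 become "- firefox <not-affected> (iOS-specific)"; a short NOTE saying why the two cases are triaged differently would help later readers. The commit message "NFUs" also leaves out the new entry, the <not-affected> lines and the "label-studio <itp>" line.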