[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) Sat, 04 May 2024 11:47:05 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ef852fb3 by Moritz Muehlenhoff at 2024-05-04T20:46:09+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2252,10 +2252,10 @@ CVE-2024-0334 (The Jeg Elementor Kit plugin for 
WordPress is vulnerable to Store
 CVE-2023-7241 (Privilege Escalationin WRSA.EXE in Webroot Antivirus 8.0.1X- 
9.0.35.12 ...)
        NOT-FOR-US: Webroot Antivirus
 CVE-2023-49606 (A use-after-free vulnerability exists in the HTTP Connection 
Headers p ...)
-       - tinyproxy <unfixed>
+       - tinyproxy <unfixed> (bug #1070395)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889
 CVE-2023-47212 (A heap-based buffer overflow vulnerability exists in the 
comment funct ...)
-       - libstb <unfixed>
+       - libstb <unfixed> (bug #1070394)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1846
 CVE-2023-47166 (A firmware update vulnerability exists in the luci2-io 
file-import fun ...)
        NOT-FOR-US: Milesight UR32L
@@ -2264,7 +2264,7 @@ CVE-2023-46295 (An issue was discovered in Teledyne FLIR 
M300 2.00-19. Unauthent
 CVE-2023-46294 (An issue was discovered in Teledyne FLIR M300 2.00-19. User 
account pa ...)
        NOT-FOR-US: Teledyne FLIR M300
 CVE-2023-40533 (An uninitialized memory use vulnerability exists in Tinyproxy 
1.11.1 w ...)
-       - tinyproxy <unfixed>
+       - tinyproxy <unfixed> (bug #1070395)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1902
 CVE-2024-27392 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux <not-affected> (Vulnerable code not present)
@@ -3409,7 +3409,7 @@ CVE-2023-48684 (Sensitive information disclosure and 
manipulation due to missing
 CVE-2023-48683 (Sensitive information disclosure and manipulation due to 
missing autho ...)
        NOT-FOR-US: Acronis Cyber Protect Cloud Agent
 CVE-2023-46565 (Buffer Overflow vulnerability in osrg gobgp commit 
419c50dfac578daa4d1 ...)
-       - gobgp <unfixed>
+       - gobgp <unfixed> (bug #1070393)
        NOTE: https://github.com/osrg/gobgp/issues/2725
 CVE-2023-46270 (MacPaw The Unarchiver before 4.3.6 contains vulnerability 
related to m ...)
        NOT-FOR-US: MacPaw The Unarchiver
@@ -22042,7 +22042,7 @@ CVE-2024-25909 (Unrestricted Upload of File with 
Dangerous Type vulnerability in
 CVE-2024-25770 (libming 0.4.8 contains a memory leak vulnerability in 
/libming/src/act ...)
        - ming <removed>
 CVE-2024-25768 (OpenDMARC 1.4.2 contains a null pointer dereference 
vulnerability in / ...)
-       - opendmarc <unfixed>
+       - opendmarc <unfixed> (bug #1070390)
        [bookworm] - opendmarc <no-dsa> (Minor issue)
        [bullseye] - opendmarc <no-dsa> (Minor issue)
        [buster] - opendmarc <no-dsa> (Minor issue)
@@ -25146,7 +25146,7 @@ CVE-2024-25360 (A hidden interface in Motorola CX2L 
Router firmware v1.0.1 leaks
        NOT-FOR-US: Motorola
 CVE-2024-25112 (Exiv2 is a command-line utility and C++ library for reading, 
writing,  ...)
        [experimental] - exiv2 0.28.2+dfsg-1
-       - exiv2 <unfixed>
+       - exiv2 <unfixed> (bug #1070392)
        [bookworm] - exiv2 <no-dsa> (Minor issue)
        [bullseye] - exiv2 <no-dsa> (Minor issue)
        [buster] - exiv2 <no-dsa> (Minor issue)
@@ -25174,7 +25174,7 @@ CVE-2024-24875 (Cross-Site Request Forgery (CSRF) 
vulnerability in Yannick Lefeb
        NOT-FOR-US: WordPress plugin
 CVE-2024-24826 (Exiv2 is a command-line utility and C++ library for reading, 
writing,  ...)
        [experimental] - exiv2 0.28.2+dfsg-1
-       - exiv2 <unfixed>
+       - exiv2 <unfixed> (bug #1070392)
        [bookworm] - exiv2 <no-dsa> (Minor issue)
        [bullseye] - exiv2 <no-dsa> (Minor issue)
        [buster] - exiv2 <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef852fb39e30f07a3c0071ee27a717b2881f7300

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef852fb39e30f07a3c0071ee27a717b2881f7300
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bugnums

Reply via email to