Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7dace96e by Moritz Muehlenhoff at 2023-07-16T19:59:28+02:00 bullseye/bookworm triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -657,6 +657,7 @@ CVE-2023-37196 (A CWE-89: Improper Neutralization of Special Elements vulnerabil NOT-FOR-US: Schneider Electric CVE-2023-37174 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a seg ...) - gpac <unfixed> + [bullseye] - gpac <ignored> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2505 NOTE: https://github.com/gpac/gpac/commit/549ff4484246f2bc4d5fec6760332b43774db483 @@ -1546,6 +1547,7 @@ CVE-2023-3528 (A vulnerability was found in ThinuTech ThinuCMS 1.5. It has been NOT-FOR-US: ThinuTech ThinuCMS CVE-2023-3523 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.) - gpac <unfixed> + [bullseye] - gpac <ignored> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://huntr.dev/bounties/57e0be03-8484-415e-8b5c-c1fe4546eaac/ NOTE: https://github.com/gpac/gpac/commit/64201a26476c12a7dbd7ffb5757743af6954db96 @@ -4368,9 +4370,13 @@ CVE-2023-33557 (Fuel CMS v1.5.2 was discovered to contain a SQL injection vulner NOT-FOR-US: Fuel CMS CVE-2023-32732 (gRPC contains a vulnerability whereby a client can cause a termination ...) - grpc <unfixed> + [bookworm] - grpc <no-dsa> (Minor issue) + [bullseye] - grpc <no-dsa> (Minor issue) NOTE: https://github.com/grpc/grpc/pull/32309 CVE-2023-32731 (When gRPC HTTP2 stack raised a header size exceeded error, it skipped ...) - grpc <unfixed> + [bookworm] - grpc <no-dsa> (Minor issue) + [bullseye] - grpc <no-dsa> (Minor issue) NOTE: https://github.com/grpc/grpc/pull/32309 NOTE: https://github.com/grpc/grpc/pull/33005 CVE-2023-32312 (UmbracoIdentityExtensions is an Umbraco add-on package that enables ea ...) @@ -16666,6 +16672,8 @@ CVE-2023-1429 (Cross-site Scripting (XSS) - Reflected in GitHub repository pimco NOT-FOR-US: pimcore CVE-2023-1428 (There exists an vulnerability causing an abort() to be called in gRPC. ...) - grpc <unfixed> + [bookworm] - grpc <no-dsa> (Minor issue) + [bullseye] - grpc <no-dsa> (Minor issue) NOTE: https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8 (v1.54.0-pre1) CVE-2023-1427 (- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not en ...) NOT-FOR-US: WordPress plugin View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dace96e208c4985be19716090774d0fc4b1a434 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dace96e208c4985be19716090774d0fc4b1a434 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits