Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2c4ecbee by Moritz Muehlenhoff at 2023-09-04T10:43:01+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -239,13 +239,13 @@ CVE-2023-41628 (An issue in O-RAN Software Community E2 G-Release allows attacke CVE-2023-41627 (O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the ...) NOT-FOR-US: O-RAN CVE-2023-41364 (In tine through 2023.01.14.325, the sort parameter of the /index.php e ...) - TODO: check + NOT-FOR-US: Tine groupware CVE-2023-41051 (In a typical Virtual Machine Monitor (VMM) there are several component ...) - rust-vm-memory <unfixed> (bug #1051101) NOTE: https://github.com/rust-vmm/vm-memory/security/advisories/GHSA-49hh-fprx-m68g NOTE: https://github.com/rust-vmm/vm-memory/commit/aff1dd4a5259f7deba56692840f7a2d9ca34c9c8 (v0.12.2) CVE-2023-41049 (@dcl/single-sign-on-client is an open source npm library which deals w ...) - TODO: check + NOT-FOR-US: Node @dcl/single-sign-on-client CVE-2023-41046 (XWiki Platform is a generic wiki platform offering runtime services fo ...) NOT-FOR-US: XWiki CVE-2023-40980 (File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before ...) @@ -269,7 +269,7 @@ CVE-2023-39710 (Multiple cross-site scripting (XSS) vulnerabilities in Free and CVE-2023-39703 (A cross site scripting (XSS) vulnerability in the Markdown Editor comp ...) NOT-FOR-US: Typora CVE-2023-39685 (An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial ...) - TODO: check + NOT-FOR-US: hjson-java CVE-2023-39631 (An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker t ...) NOT-FOR-US: LanChain-ai Langchain CVE-2023-39582 (SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allow ...) @@ -539,7 +539,7 @@ CVE-2023-3162 (The Stripe Payment Plugin for WooCommerce plugin for WordPress is CVE-2023-39139 (An issue in Archive v3.3.7 allows attackers to execute a path traversa ...) TODO: check CVE-2023-39138 (An issue in ZIPFoundation v0.9.16 allows attackers to execute a path t ...) - TODO: check + NOT-FOR-US: ZIPFoundation CVE-2023-39137 (An issue in Archive v3.3.7 allows attackers to spoof zip filenames whi ...) TODO: check CVE-2023-39136 (An unhandled edge case in the component _sanitizedPath of ZipArchive v ...) @@ -1063,7 +1063,7 @@ CVE-2023-39968 (jupyter-server is the backend for Jupyter web applications. Open CVE-2023-39650 (Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a ...) NOT-FOR-US: Theme Volty CMS Blog CVE-2023-39059 (An issue in ansible semaphore v.2.8.90 allows a remote attacker to exe ...) - TODO: check + NOT-FOR-US: Ansible Semaphore CVE-2023-38969 (Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote a ...) NOT-FOR-US: Badaso CVE-2023-34725 (An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T5 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c4ecbee2780aa4d941044709b6cf4db83b86887 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c4ecbee2780aa4d941044709b6cf4db83b86887 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits