Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3b5fcac5 by security tracker role at 2023-02-25T08:10:12+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-1031
+ RESERVED
+CVE-2023-1030 (A vulnerability has been found in SourceCodester Online Boat
Reservati ...)
+ TODO: check
+CVE-2023-1029 (The WP Meta SEO plugin for WordPress is vulnerable to
Cross-Site Reque ...)
+ TODO: check
+CVE-2023-1028
+ RESERVED
+CVE-2023-1027
+ RESERVED
+CVE-2023-1026
+ RESERVED
+CVE-2019-25105
+ RESERVED
CVE-2023-26543
RESERVED
CVE-2023-26542
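Review bot: CVE-2023-1029 and CVE-2023-1030 are added with only `TODO: check`, although their descriptions already name a WordPress plugin (WP Meta SEO) and a SourceCodester application. This file triages comparable entries directly, for example `NOT-FOR-US: Japanized For WooCommerce plugin for WordPress` on CVE-2023-0942. If the full descriptions confirm the products are not packaged, replace the TODO lines with matching NOT-FOR-US annotations so the entries leave the triage queue.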
@@ -699,6 +713,7 @@ CVE-2023-0943 (A vulnerability, which was classified as
problematic, has been fo
CVE-2023-0942 (The Japanized For WooCommerce plugin for WordPress is
vulnerable to Re ...)
NOT-FOR-US: Japanized For WooCommerce plugin for WordPress
CVE-2023-26314 (The mono package before 6.8.0.105+dfsg-3.3 for Debian allows
arbitrary ...)
+ {DLA-3343-1}
- mono 6.8.0.105+dfsg-3.3 (bug #972146)
[bullseye] - mono <no-dsa> (Minor issue; will be fixed via point
release)
NOTE: https://www.openwall.com/lists/oss-security/2023/01/05/1
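Review bot: the `{DLA-3343-1}` cross-reference added to CVE-2023-26314 has no matching release-specific line in the visible entry; the only suite annotation is `[bullseye] - mono <no-dsa>`. From this entry alone a reader cannot tell which suite the DLA fixed or at what version, so check that the suite covered by the DLA has its fixed version recorded.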
@@ -6616,8 +6631,8 @@ CVE-2023-24191 (Online Food Ordering System v2 was
discovered to contain a cross
NOT-FOR-US: Online Food Ordering System
CVE-2023-24190
RESERVED
-CVE-2023-24189
- RESERVED
+CVE-2023-24189 (An XML External Entity (XXE) vulnerability in urule v2.1.7
allows atta ...)
+ TODO: check
CVE-2023-24188 (ureport v2.2.9 was discovered to contain a directory traversal
vulnera ...)
NOT-FOR-US: ureport
CVE-2023-24187 (An XML External Entity (XXE) vulnerability in ureport v2.2.9
allows at ...)
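Review bot: CVE-2023-24189 moves from RESERVED to a published XXE description for urule v2.1.7 but stays at `TODO: check`, while the adjacent CVE-2023-24188 is already triaged as `NOT-FOR-US: ureport`. The description is cut at `allows atta ...`, so the full text needs to be read to decide whether urule is packaged before this entry is left open.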
@@ -26396,8 +26411,8 @@ CVE-2022-44312 (PicoC Version 3.2.2 was discovered to
contain a heap buffer over
NOT-FOR-US: PicoC
CVE-2022-44311 (html2xhtml v1.3 was discovered to contain an Out-Of-Bounds
read in the ...)
NOT-FOR-US: html2xhtml
-CVE-2022-44310
- RESERVED
+CVE-2022-44310 (In Development IL ecdh before 0.2.0, an attacker can send an
invalid p ...)
+ TODO: check
CVE-2022-44309
RESERVED
CVE-2022-44308
@@ -87310,8 +87325,8 @@ CVE-2022-23538 (github.com/sylabs/scs-library-client is
the Go client for the Si
TODO: check details, might as well affect
golang-github-apptainer-container-library-client
CVE-2022-23536 (Cortex provides multi-tenant, long term storage for
Prometheus. A loca ...)
NOT-FOR-US: Cortex (multi-tenant, long term storage for Prometheus)
-CVE-2022-23535
- RESERVED
+CVE-2022-23535 (LiteDB is a small, fast and lightweight .NET NoSQL embedded
database. ...)
+ TODO: check
CVE-2022-23534
RESERVED
CVE-2022-23533
@@ -125216,8 +125231,8 @@ CVE-2021-35292
RESERVED
CVE-2021-35291
RESERVED
-CVE-2021-35290
- RESERVED
+CVE-2021-35290 (File Upload vulnerability in balerocms-src 0.8.3 allows remote
attacke ...)
+ TODO: check
CVE-2021-35289
RESERVED
CVE-2021-35288
@@ -127645,10 +127660,10 @@ CVE-2021-34251
CVE-2021-34250
REJECTED
NOT-FOR-US: baijiacms
-CVE-2021-34249
- RESERVED
-CVE-2021-34248
- RESERVED
+CVE-2021-34249 (SQL injection vulnerability in sourcecodester
online-book-store 1.0 al ...)
+ TODO: check
+CVE-2021-34248 (SQL injection vulnerability in sourcecodester
mobile-shop-system-php-m ...)
+ TODO: check
CVE-2021-34247
RESERVED
CVE-2021-34246
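Review bot: the new descriptions for CVE-2021-34249 and CVE-2021-34248 both name sourcecodester applications (`online-book-store 1.0`, `mobile-shop-system-php-m ...`) yet are left at `TODO: check`. The file already records `NOT-FOR-US: Sourcecodester` for CVE-2021-34166, so using the same annotation with the same spelling of the vendor name would keep these entries consistent and searchable.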
@@ -127809,8 +127824,8 @@ CVE-2021-34169
RESERVED
CVE-2021-34168
RESERVED
-CVE-2021-34167
- RESERVED
+CVE-2021-34167 (Cross Site Request Forgery (CSRF) vulnerability in taoCMS
3.0.2 allows ...)
+ TODO: check
CVE-2021-34166 (A SQL INJECTION vulnerability in Sourcecodester Simple Food
Website 1. ...)
NOT-FOR-US: Sourcecodester
CVE-2021-34165 (A SQL Injection vulnerability in Sourcecodester Basic Shopping
Cart 1. ...)
@@ -128032,8 +128047,8 @@ CVE-2021-34066 (An issue was discovered in
EdgeGallery/developer before v1.0. Th
NOT-FOR-US: EdgeGallery/developer
CVE-2021-34065
RESERVED
-CVE-2021-34064 (An issue found in Koel v.5.1.4 and before allows remote
attackers to g ...)
- TODO: check
+CVE-2021-34064
+ REJECTED
CVE-2021-34063
RESERVED
CVE-2021-34062
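Review bot: CVE-2021-34064 goes from a published description (`An issue found in Koel v.5.1.4 and before ...`) with a pending `TODO: check` straight to `REJECTED`, and the entry keeps no trace of the affected product. CVE-2021-34250 in this same file keeps `NOT-FOR-US: baijiacms` next to its `REJECTED` state; a short annotation naming Koel here would preserve that context if the ID is still referenced elsewhere.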
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b5fcac5dc5d432f2bcd1baee9dc8f7f9852f8ed