Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a2de236c by Moritz Mühlenhoff at 2023-04-06T17:44:58+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -226,7 +226,7 @@ CVE-2023-29376
CVE-2023-29375
RESERVED
CVE-2023-29374 (In LangChain through 0.0.131, the LLMMathChain chain allows
prompt inj ...)
- TODO: check
+ NOT-FOR-US: LangChain
CVE-2023-29373
RESERVED
CVE-2023-29372
@@ -823,7 +823,7 @@ CVE-2023-24591
CVE-2023-1789 (Improper Input Validation in GitHub repository
firefly-iii/firefly-iii ...)
NOT-FOR-US: firefly-iii
CVE-2023-1788 (Insufficient Session Expiration in GitHub repository
firefly-iii/firef ...)
- TODO: check
+ NOT-FOR-US: firefly-iii
CVE-2023-1787 (An issue has been discovered in GitLab affecting all versions
starting ...)
TODO: check
CVE-2023-1786
@@ -1075,11 +1075,11 @@ CVE-2023-1760 (Cross-site Scripting (XSS) - Stored in
GitHub repository thorsten
CVE-2023-1759 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
NOT-FOR-US: phpmyfaq
CVE-2023-1758 (Failure to Sanitize Special Elements into a Different Plane
(Special E ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-1757 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-1756 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-1755 (Cross-site Scripting (XSS) - Generic in GitHub repository
thorsten/php ...)
NOT-FOR-US: phpmyfaq
CVE-2023-1754 (Improper Input Validation in GitHub repository
thorsten/phpmyfaq prior ...)
@@ -1281,13 +1281,13 @@ CVE-2023-29008
CVE-2023-29007
RESERVED
CVE-2023-29006 (The Order GLPI plugin allows users to manage order management
within G ...)
- TODO: check
+ NOT-FOR-US: GLPI plugin
CVE-2023-29005
RESERVED
CVE-2023-29004
RESERVED
CVE-2023-29003 (SvelteKit is a web development framework. The SvelteKit
framework offe ...)
- TODO: check
+ NOT-FOR-US: SvelteKit
CVE-2023-29002
RESERVED
CVE-2023-29001
@@ -1838,11 +1838,11 @@ CVE-2023-28857
CVE-2023-28856
RESERVED
CVE-2023-28855 (Fields is a GLPI plugin that allows users to add custom fields
on GLPI ...)
- TODO: check
+ NOT-FOR-US: GLPI plugin
CVE-2023-28854 (nophp is a PHP web framework. Prior to version 0.0.1, nophp is
vulnera ...)
NOT-FOR-US: nophp
CVE-2023-28853 (Mastodon is a free, open-source social network server based on
Activit ...)
- TODO: check
+ - mastodon <itp> (bug #859741)
CVE-2023-28852 (GLPI is a free asset and IT management software package.
Starting in v ...)
TODO: check
CVE-2023-28851 (Silverstripe Form Capture provides a method to capture simple
silverst ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2de236c65c7cf481f5da63a9bd1f690919747d2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2de236c65c7cf481f5da63a9bd1f690919747d2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
