[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 13 May 2023 01:12:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8d913e43 by security tracker role at 2023-05-13T08:12:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2023-32303 (Planet is software that provides satellite data. The secret 
file store ...)
+       TODO: check
 CVE-2023-32306 (Time Tracker is an open source time tracking system. A 
time-based blin ...)
        NOT-FOR-US: Time Tracker
 CVE-2023-32305 (aiven-extras is a PostgreSQL extension. Versions prior to 
1.1.9 contai ...)
@@ -2008,8 +2010,7 @@ CVE-2023-2183
        RESERVED
 CVE-2023-2182 (An issue has been discovered in GitLab EE affecting all 
versions start ...)
        - gitlab <not-affected> (Specific to EE)
-CVE-2023-2181
-       RESERVED
+CVE-2023-2181 (An issue has been discovered in GitLab affecting all versions 
before 1 ...)
        - gitlab <unfixed>
 CVE-2023-2180
        RESERVED
@@ -2471,8 +2472,7 @@ CVE-2023-22372 (In the pre connection stage, an improper 
enforcement of message
        NOT-FOR-US: F5 BIG-IP
 CVE-2023-2089 (A vulnerability was found in SourceCodester Complaint 
Management Syste ...)
        NOT-FOR-US: SourceCodester Complaint Management System
-CVE-2023-2088 [OSSA-2023-003: Unauthorized volume access through deleted 
volume attachments]
-       RESERVED
+CVE-2023-2088 (A flaw was found in OpenStack due to an inconsistency between 
Cinder a ...)
        - cinder 2:21.1.0-3 (bug #1035961)
        - python-glance-store 4.1.0-4 (bug #1035962; bug #1035978)
        - nova 2:26.1.0-4 (bug #1035963; bug #1035981)
@@ -12969,8 +12969,8 @@ CVE-2023-1098 (An information disclosure vulnerability 
has been discovered in Gi
        - gitlab <unfixed>
 CVE-2023-1097 (Baicells EG7035-M11 devices with firmware through  
BCE-ODU-1.0.8 are v ...)
        NOT-FOR-US: Baicells EG7035-M11 devices
-CVE-2023-1096
-       RESERVED
+CVE-2023-1096 (SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 
are susc ...)
+       TODO: check
 CVE-2023-1095 (In nf_tables_updtable, if nf_tables_table_enable returns an 
error, nft ...)
        - linux 5.19.6-1
        [bullseye] - linux 5.10.140-1
@@ -19388,16 +19388,16 @@ CVE-2023-25011 (PC settings tool Ver10.1.26.0 and 
earlier, PC settings tool Ver1
        NOT-FOR-US: PC settings tool
 CVE-2023-25010 (A malicious actor may convince a victim to open a malicious 
USD file t ...)
        NOT-FOR-US: Autodesk
-CVE-2023-25009
-       RESERVED
-CVE-2023-25008
-       RESERVED
-CVE-2023-25007
-       RESERVED
-CVE-2023-25006
-       RESERVED
-CVE-2023-25005
-       RESERVED
+CVE-2023-25009 (A malicious actor may convince a user to open a malicious USD 
file tha ...)
+       TODO: check
+CVE-2023-25008 (A malicious actor may convince a user to open a malicious USD 
file tha ...)
+       TODO: check
+CVE-2023-25007 (A malicious actor may convince a user to open a malicious USD 
file tha ...)
+       TODO: check
+CVE-2023-25006 (A malicious actor may convince a user to open a malicious USD 
file tha ...)
+       TODO: check
+CVE-2023-25005 (A maliciously crafted DLL file can be forced to read beyond 
allocated  ...)
+       TODO: check
 CVE-2023-25004
        RESERVED
 CVE-2023-25003
@@ -41241,14 +41241,14 @@ CVE-2023-20882
        RESERVED
 CVE-2023-20881
        RESERVED
-CVE-2023-20880
-       RESERVED
-CVE-2023-20879
-       RESERVED
-CVE-2023-20878
-       RESERVED
-CVE-2023-20877
-       RESERVED
+CVE-2023-20880 (VMware Aria Operations contains a privilege escalation 
vulnerability.  ...)
+       TODO: check
+CVE-2023-20879 (VMware Aria Operations contains a Local privilege escalation 
vulnerabi ...)
+       TODO: check
+CVE-2023-20878 (VMware Aria Operations contains a deserialization 
vulnerability. A mal ...)
+       TODO: check
+CVE-2023-20877 (VMware Aria Operations contains a privilege escalation 
vulnerability.  ...)
+       TODO: check
 CVE-2023-20876
        RESERVED
 CVE-2023-20875



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d913e43f3a300818afe457fd6564e8f2f3db0d3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d913e43f3a300818afe457fd6564e8f2f3db0d3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to