Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
623b63be by security tracker role at 2023-05-21T08:11:55+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2023-32589 (Cross-Site Request Forgery (CSRF) vulnerability in PingOnline
Dyslexie ...)
+ TODO: check
+CVE-2023-2826 (A vulnerability has been found in SourceCodester Class
Scheduling Syst ...)
+ TODO: check
CVE-2023-33244 (Obsidian before 1.2.2 allows calls to unintended APIs (for
microphone ...)
NOT-FOR-US: Obsidian
CVE-2023-2713 (Authorization Bypass Through User-Controlled Key vulnerability
in "Re ...)
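Review bot: both added entries, CVE-2023-32589 and CVE-2023-2826, end at `TODO: check`, so neither has a disposition yet. Each needs either a `NOT-FOR-US: <product>` line, as CVE-2023-33244 has directly below, or a `- <source-package> <version>` line if the software turns out to be packaged in Debian. The descriptions are truncated here, so the decision should be made from the full CVE text rather than from these lines.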
@@ -21923,8 +21927,8 @@ CVE-2023-24416
RESERVED
CVE-2023-24415 (Cross-Site Request Forgery (CSRF) vulnerability in
QuantumCloud ChatBo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24414
- RESERVED
+CVE-2023-24414 (Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft
Photo Gall ...)
+ TODO: check
CVE-2023-24413
RESERVED
CVE-2023-24412
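Review bot: CVE-2023-24414 moves from RESERVED to `TODO: check` with a description cut off at "RoboSoft Photo Gall ...", which is not enough to identify the product. The entry just above it, CVE-2023-24415, is also a CSRF issue and is tagged `NOT-FOR-US: WordPress plugin`; if the full description shows this one is likewise a WordPress plugin, use the same tag so the two entries stay consistent.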
@@ -23232,8 +23236,8 @@ CVE-2023-23892 (Auth. (contributor+) Stored Cross-Site
Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-23891 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23890
- RESERVED
+CVE-2023-23890 (Cross-Site Request Forgery (CSRF) vulnerability in LJ Apps WP
Airbnb R ...)
+ TODO: check
CVE-2023-23889 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23888
@@ -27270,8 +27274,8 @@ CVE-2023-22691 (Cross-Site Request Forgery (CSRF)
vulnerability in Tips and Tric
NOT-FOR-US: WordPress plugin
CVE-2023-22690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Shop ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-22689
- RESERVED
+CVE-2023-22689 (Cross-Site Request Forgery (CSRF) vulnerability in Lucian
Apostol Auto ...)
+ TODO: check
CVE-2023-22688
RESERVED
CVE-2023-22687 (Insecure Storage of Sensitive Information vulnerability in
Jose Mortel ...)
@@ -33185,8 +33189,8 @@ CVE-2022-47136
RESERVED
CVE-2022-47135
RESERVED
-CVE-2022-47134
- RESERVED
+CVE-2022-47134 (Cross-Site Request Forgery (CSRF) vulnerability in Bill
Erickson Galle ...)
+ TODO: check
CVE-2022-47133
RESERVED
CVE-2022-47132 (A Cross-Site Request Forgery (CSRF) in Academy LMS before
v5.10 allows ...)
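Review bot: the new `TODO: check` on CVE-2022-47134 has no dispositioned neighbour in this hunk to guide triage, since the surrounding IDs are still RESERVED and the line following CVE-2022-47132 falls outside the context. Read the full description behind "Bill Erickson Galle ..." and identify the product before choosing between a NOT-FOR-US tag and a package line.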
@@ -127275,6 +127279,7 @@ CVE-2021-41079 (Apache Tomcat 8.5.0 to 8.5.63,
9.0.0-M1 to 9.0.43 and 10.0.0-M1
NOTE:
https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
(9.0.44)
NOTE:
https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
(8.5.64)
CVE-2021-3803 (nth-check is vulnerable to Inefficient Regular Expression
Complexity)
+ {DLA-3428-1}
- node-nth-check 2.0.1-1
[bullseye] - node-nth-check 2.0.0-1+deb11u1
[stretch] - node-nth-check <end-of-life> (Nodejs in stretch not covered
by security support)
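Review bot: the `{DLA-3428-1}` reference on CVE-2021-3803 is added without any release-specific line for the suite that advisory covers; the visible entry only has the unbracketed 2.0.1-1 line, `[bullseye]` at 2.0.0-1+deb11u1 and `[stretch]` marked end-of-life. This commit changes only data/CVE/list, so confirm that the DLA-3428-1 record names node-nth-check and its fixed version, otherwise the cross-reference does not tell a reader which release was fixed.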
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/623b63bedc2f8f517521046f24876cd1259562cd