Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d541685 by Moritz Mühlenhoff at 2023-05-24T10:01:38+02:00
bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11265,6 +11265,7 @@ CVE-2023-28145
RESERVED
CVE-2023-28144 (KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default
configura ...)
- hotspot <unfixed> (bug #1033848)
+ [bookworm] - hotspot <no-dsa> (Minor issue)
[bullseye] - hotspot <no-dsa> (Minor issue)
[buster] - hotspot <not-affected> (Vulnerable code not present,
introduced in 1.3.0)
NOTE: https://www.openwall.com/lists/oss-security/2023/03/14/8
@@ -16873,12 +16874,18 @@ CVE-2023-26119 (Versions of the package
net.sourceforge.htmlunit:htmlunit from 0
NOT-FOR-US: net.sourceforge.htmlunit:htmlunit
CVE-2023-26118 (Versions of the package angular from 1.4.9 are vulnerable to
Regular E ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
+ [bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046
CVE-2023-26117 (Versions of the package angular from 1.0.0 are vulnerable to
Regular E ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
+ [bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045
CVE-2023-26116 (Versions of the package angular from 1.2.21 are vulnerable to
Regular ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
+ [bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044
CVE-2023-26115
RESERVED
@@ -96085,6 +96092,7 @@ CVE-2022-25871 (All versions of package querymen are
vulnerable to Prototype Pol
NOT-FOR-US: Node querymen
CVE-2022-25869 (All versions of package angular are vulnerable to Cross-site
Scripting ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
[buster] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-2949781
@@ -96143,6 +96151,7 @@ CVE-2022-25845 (The package com.alibaba:fastjson before
1.2.83 are vulnerable to
NOT-FOR-US: com.alibaba:fastjson
CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular
Expression D ...)
- angular.js <unfixed> (bug #1014779)
+ [bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
[buster] - angular.js <no-dsa> (Minor issue, probably even not-affected)
[stretch] - angular.js <ignored> (Nodejs in stretch not covered by
security support)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d541685df2f3b1eef3eba14b974ba6ba57225b0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d541685df2f3b1eef3eba14b974ba6ba57225b0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
