Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
59aff79d by Moritz Mühlenhoff at 2023-05-24T15:36:18+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13017,7 +13017,7 @@ CVE-2023-27586 (CairoSVG is an SVG converter based on
Cairo, a 2D graphics libra
NOTE: Introduced in
https://github.com/Kozea/CairoSVG/commit/1ee0889f4015ebaddcf9976d43222e673155797c
(0.3)
CVE-2023-27585 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-3394-1}
- - asterisk <unfixed>
+ - asterisk <unfixed> (bug #1036697)
- pjproject <removed>
- ring <unfixed>
NOTE:
https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr
@@ -16906,17 +16906,17 @@ CVE-2023-26120 (This affects all versions of the
package com.xuxueli:xxl-job. HT
CVE-2023-26119 (Versions of the package net.sourceforge.htmlunit:htmlunit from
0 and b ...)
NOT-FOR-US: net.sourceforge.htmlunit:htmlunit
CVE-2023-26118 (Versions of the package angular from 1.4.9 are vulnerable to
Regular E ...)
- - angular.js <unfixed>
+ - angular.js <unfixed> (bug #1036694)
[bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046
CVE-2023-26117 (Versions of the package angular from 1.0.0 are vulnerable to
Regular E ...)
- - angular.js <unfixed>
+ - angular.js <unfixed> (bug #1036694)
[bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045
CVE-2023-26116 (Versions of the package angular from 1.2.21 are vulnerable to
Regular ...)
- - angular.js <unfixed>
+ - angular.js <unfixed> (bug #1036694)
[bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044
@@ -19242,7 +19242,7 @@ CVE-2023-25442 (Auth. (admin+) Stored Cross-site
Scripting (XSS) vulnerability i
CVE-2023-25441
RESERVED
CVE-2023-25440 (Stored Cross Site Scripting (XSS) vulnerability in the add
contact fun ...)
- - civicrm <unfixed>
+ - civicrm <unfixed> (bug #1036695)
CVE-2023-25439
RESERVED
CVE-2023-25438 (An issue was discovered in Genomedics MilleGP5 5.9.2, allows
remote at ...)
@@ -96125,7 +96125,7 @@ CVE-2022-25872 (All versions of package
fast-string-search are vulnerable to Out
CVE-2022-25871 (All versions of package querymen are vulnerable to Prototype
Pollution ...)
NOT-FOR-US: Node querymen
CVE-2022-25869 (All versions of package angular are vulnerable to Cross-site
Scripting ...)
- - angular.js <unfixed>
+ - angular.js <unfixed> (bug #1036694)
[bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
[buster] - angular.js <no-dsa> (Minor issue)
@@ -310062,7 +310062,7 @@ CVE-2018-20589 (Ivan Cordoba Generic Content
Management System (CMS) through 201
CVE-2018-20588 (lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc
v0.10.3-a ...)
NOT-FOR-US: otfcc
CVE-2018-20587 (Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0
through 0. ...)
- - bitcoin <unfixed>
+ - bitcoin <unfixed> (bug #1036696)
NOTE:
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20587
NOTE: Documentation of issue:
https://github.com/bitcoin/bitcoin/pull/15223
CVE-2018-20586 (bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of
arbitrary d ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59aff79d1245e6c96cb8d2a8f6e2becb4bd8c140
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59aff79d1245e6c96cb8d2a8f6e2becb4bd8c140
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
