Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2d8214b by security tracker role at 2023-06-10T08:12:12+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2023-3188 (Server-Side Request Forgery (SSRF) in GitHub repository
owncast/owncas ...)
+ TODO: check
+CVE-2023-3187 (A vulnerability, which was classified as critical, has been
found in P ...)
+ TODO: check
CVE-2023-3184 (A vulnerability was found in SourceCodester Sales Tracker
Management S ...)
NOT-FOR-US: SourceCodester Sales Tracker Management System
CVE-2023-3183 (A vulnerability was found in SourceCodester Performance
Indicator Syst ...)
@@ -7776,8 +7780,8 @@ CVE-2023-29753 (An issue found in Facemoji Emoji Keyboard
v.2.9.1.2 for Android
TODO: check
CVE-2023-29752 (An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for
Android allows ...)
TODO: check
-CVE-2023-29751
- RESERVED
+CVE-2023-29751 (An issue found in Yandex Navigator v.6.60 for Android allows
unauthori ...)
+ TODO: check
CVE-2023-29750
RESERVED
CVE-2023-29749 (An issue found in Yandex Navigator v.6.60 for Android allows
unauthori ...)
@@ -17942,8 +17946,8 @@ CVE-2023-26467 (A man in the middle can redirect
traffic to a malicious server i
NOT-FOR-US: RPA: Synchronization Engine
CVE-2023-26466 (A user with non-Admin access can change a configuration file
on the cl ...)
NOT-FOR-US: RPA: Synchronization Engine
-CVE-2023-26465
- RESERVED
+CVE-2023-26465 (Pega Platform versions 7.2 to 8.8.1 are affected by an XSS
issue.)
+ TODO: check
CVE-2023-25944
RESERVED
CVE-2023-25779
@@ -18875,8 +18879,8 @@ CVE-2023-26134
RESERVED
CVE-2023-26133
RESERVED
-CVE-2023-26132
- RESERVED
+CVE-2023-26132 (Versions of the package dottie before 2.0.4 are vulnerable to
Prototyp ...)
+ TODO: check
CVE-2023-26131 (All versions of the package
github.com/xyproto/algernon/engine; all ve ...)
TODO: check
CVE-2023-26130 (Versions of the package yhirose/cpp-httplib before 0.12.4 are
vulnerab ...)
@@ -101407,7 +101411,7 @@ CVE-2022-24861 (Databasir is a team-oriented
relational database model document
CVE-2022-24860 (Databasir is a team-oriented relational database model
document manage ...)
NOT-FOR-US: Databasir
CVE-2022-24859 (PyPDF2 is an open source python PDF library capable of
splitting, merg ...)
- {DLA-3039-1}
+ {DLA-3451-1 DLA-3039-1}
- pypdf2 1.27.9-1 (bug #1009879)
[bullseye] - pypdf2 <no-dsa> (Minor issue)
NOTE:
https://github.com/py-pdf/PyPDF2/security/advisories/GHSA-xcjx-m2pj-8g79
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2d8214beefc4eff5c86c0845bcdc75ec879f57f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2d8214beefc4eff5c86c0845bcdc75ec879f57f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
