[Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU

Wed, 21 Jun 2023 12:19:22 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6c2b6bc6 by Salvatore Bonaccorso at 2023-06-21T21:16:57+02:00
Process one NFU

- - - - -
30bcdfdc by Salvatore Bonaccorso at 2023-06-21T21:18:06+02:00
Add CVE-2023-34624/libhtmlcleaner-java

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,7 +47,7 @@ CVE-2023-34596 (A vulnerability in Aeotec WallMote Switch 
firmware v2.3 allows a
 CVE-2023-34563 (netgear R6250 Firmware Version 1.0.4.48 is vulnerable to 
Buffer Overfl ...)
        NOT-FOR-US: Netgear
 CVE-2023-34541 (Langchain 0.0.171 is vulnerable to Arbitrary code execution in 
load_pr ...)
-       TODO: check
+       NOT-FOR-US: Langchain
 CVE-2023-33869 (Enphase Envoy versions D7.0.88 is vulnerable to a command 
injection ex ...)
        NOT-FOR-US: Enphase Envoy
 CVE-2023-33495 (Craft CMS through 4.4.9 is vulnerable to HTML Injection.)
@@ -566,7 +566,8 @@ CVE-2023-34750 (bloofox v0.5.2.1 was discovered to contain 
a SQL injection vulne
 CVE-2023-34747 (File upload vulnerability in ujcms 6.0.2 via 
/api/backend/core/web-fil ...)
        NOT-FOR-US: ujcms
 CVE-2023-34624 (An issue was discovered htmlcleaner thru = 2.28 allows 
attackers to ca ...)
-       TODO: check
+       - libhtmlcleaner-java 2.29-1
+       NOTE: https://github.com/amplafi/htmlcleaner/issues/13
 CVE-2023-34623 (An issue was discovered jtidy thru r938 allows attackers to 
cause a de ...)
        - jtidy <unfixed> (bug #1038663)
        [bookworm] - jtidy <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f0b0c25921138cf7e02094c3a9256bb5cede9e77...30bcdfdcf56231c70dd338ad4621016efb0ad352

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f0b0c25921138cf7e02094c3a9256bb5cede9e77...30bcdfdcf56231c70dd338ad4621016efb0ad352
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to