Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
999187a6 by Moritz Muehlenhoff at 2023-07-07T21:02:48+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -113,7 +113,7 @@ CVE-2023-35948 (Novu provides an API for sending
notifications through multiple
CVE-2023-35937 (Metersphere is an open source continuous testing platform. In
versions ...)
NOT-FOR-US: Metersphere
CVE-2023-35934 (yt-dlp is a command-line program to download videos from video
sites. ...)
- - yt-dlp <unfixed>
+ - yt-dlp <unfixed> (bug #1040595)
[bookworm] - yt-dlp <no-dsa> (Minor issue)
[bullseye] - yt-dlp <no-dsa> (Minor issue)
NOTE:
https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj
@@ -793,7 +793,7 @@ CVE-2023-34487 (itsourcecode Online Hotel Management System
Project In PHP v1.0.
CVE-2023-34486 (itsourcecode Online Hotel Management System Project In PHP
v1.0.0 is v ...)
NOT-FOR-US: itsourcecode Online Hotel Management System Project
CVE-2023-33466 (Orthanc before 1.12.0 allows authenticated users with access
to the Or ...)
- - orthanc <unfixed>
+ - orthanc <unfixed> (bug #1040597)
NOTE:
https://discourse.orthanc-server.org/t/security-advisory-for-orthanc-deployments-running-versions-before-1-12-0/3568
CVE-2023-33277 (The web interface of Gira Giersiepen Gira KNX/IP-Router
3.1.3683.0 and ...)
NOT-FOR-US: Gira Giersiepen Gira KNX/IP-Router
@@ -9489,7 +9489,7 @@ CVE-2023-30364
CVE-2023-30363 (vConsole v3.15.0 was discovered to contain a prototype
pollution due t ...)
NOT-FOR-US: Tencent vConsole
CVE-2023-30362 (Buffer Overflow vulnerability in coap_send function in libcoap
library ...)
- - libcoap3 <unfixed>
+ - libcoap3 <unfixed> (bug #1040594)
[bookworm] - libcoap3 <no-dsa> (Minor issue)
NOTE: https://github.com/obgm/libcoap/issues/1063
NOTE:
https://github.com/obgm/libcoap/commit/e242200f0af2a418dc9f69eee543feacc13cd851
@@ -9808,7 +9808,7 @@ CVE-2023-30209
CVE-2023-30208
RESERVED
CVE-2023-30207 (A divide by zero issue discovered in Kodi Home Theater
Software 19.5 a ...)
- - kodi <unfixed>
+ - kodi <unfixed> (bug #1040593)
[bookworm] - kodi <no-dsa> (Minor issue)
[bullseye] - kodi <no-dsa> (Minor issue)
NOTE: https://github.com/xbmc/xbmc/issues/22378
@@ -21972,7 +21972,7 @@ CVE-2023-26134 (Versions of the package git-commit-info
before 2.0.2 are vulnera
CVE-2023-26133 (All versions of the package progressbar.js are vulnerable to
Prototype ...)
NOT-FOR-US: progressbar.js
CVE-2023-26132 (Versions of the package dottie before 2.0.4 are vulnerable to
Prototyp ...)
- - node-dottie <unfixed>
+ - node-dottie <unfixed> (bug #1040592)
[bookworm] - node-dottie <no-dsa> (Minor issue)
[bullseye] - node-dottie <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-DOTTIE-3332763
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/999187a68f74d68d881f38edd0cefa7ff2e3102a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/999187a68f74d68d881f38edd0cefa7ff2e3102a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
