Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09cbdc3e by Salvatore Bonaccorso at 2023-08-11T11:36:04+02:00
Add two new PHP CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25,9 +25,17 @@ CVE-2023-40224 (MISP 2.4174 allows XSS in
app/View/Events/index.ctp.)
CVE-2023-40014 (OpenZeppelin Contracts is a library for secure smart contract
developm ...)
TODO: check
CVE-2023-3824 (In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and
8.2.* bef ...)
- TODO: check
+ - php8.2 <unfixed>
+ - php7.4 <removed>
+ - php7.3 <removed>
+ NOTE:
https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv
+ NOTE: Fixed in: 8.0.30, 8.1.22, 8.2.8
CVE-2023-3823 (In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and
8.2.* be ...)
- TODO: check
+ - php8.2 <unfixed>
+ - php7.4 <removed>
+ - php7.3 <removed>
+ NOTE:
https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr
+ NOTE: Fixed in: 8.0.30, 8.1.22, 8.2.8
CVE-2023-39553 (Improper Input Validation vulnerability in Apache Software
Foundation ...)
TODO: check
CVE-2023-38333 (Zoho ManageEngine Applications Manager through 16530 allows
reflected ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09cbdc3e6518b3f10898a22b8633ed3eece5fe7f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09cbdc3e6518b3f10898a22b8633ed3eece5fe7f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
