Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
783145e4 by Moritz Muehlenhoff at 2023-08-17T10:04:02+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22,7 +22,7 @@ CVE-2023-4382 (A vulnerability, which was classified as
problematic, has been fo
CVE-2023-4381 (Unverified Password Change in GitHub repository
instantsoft/icms2 prio ...)
NOT-FOR-US: icms2
CVE-2023-4241 (lol-html can cause panics on certain HTML inputs. Anyone
processing ar ...)
- TODO: check
+ NOT-FOR-US: lol-html
CVE-2023-4204 (NPort IAW5000A-I/O Series firmware version v2.2 and prior is
affected ...)
NOT-FOR-US: NPort IAW5000A-I/O Series firmware
CVE-2023-39975 (kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before
1.21.2 has a ...)
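Review bot: On the CVE-2023-4241 change, the description presents lol-html as a component that other software uses to process HTML input ("Anyone processing ar ..."), so the NFU decision depends on there being no embedded or vendored copy in a packaged source, not only on the absence of a lol-html package. A NOT-FOR-US entry carries no NOTE line, and the commit message "NFUs" does not say whether that search was done; a word in the commit message would make the triage reproducible.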
@@ -310,7 +310,7 @@ CVE-2023-38851 (Buffer Overflow vulnerability in
libxlsv.1.6.2 allows a remote a
NOTE: https://github.com/libxls/libxls/issues/124 (#2)
NOTE: Negligible security impact
CVE-2023-38850 (Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7
allows an ...)
- TODO: check
+ NOT-FOR-US: Codedoc
CVE-2023-38840 (An issue in Bitwarden Bitwarden Desktop v.2023.5.1 allows a
local atta ...)
NOT-FOR-US: Bitwarden
CVE-2023-38402 (A vulnerability in the HPE Aruba Networking Virtual
IntranetAccess (VI ...)
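Review bot: Style point on the CVE-2023-38850 line: the tag is written "NOT-FOR-US: Codedoc" while the description spells the project "codedoc" (under "Michaelrsweet"). Keeping the upstream spelling, i.e. "NOT-FOR-US: codedoc", matches how the lol-html entry in the same commit is written and keeps case-sensitive searches of data/CVE/list consistent when later CVEs for the same project are triaged.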
@@ -328,9 +328,9 @@ CVE-2023-4308 (The User Submitted Posts plugin for
WordPress is vulnerable to St
CVE-2023-40518 (LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly
validate HTTP ...)
NOT-FOR-US: LiteSpeed OpenLiteSpeed
CVE-2023-40453 (Docker Machine through 0.16.2 allows an attacker, who has
control of a ...)
- TODO: check
+ NOT-FOR-US: Docker Machine
CVE-2023-40013 (SVG Loader is a javascript library that fetches SVGs using
XMLHttpRequ ...)
- TODO: check
+ NOT-FOR-US: SVG Loader
CVE-2023-39829 (Tenda A18 V15.13.07.09 was discovered to contain a stack
overflow via ...)
NOT-FOR-US: Tenda
CVE-2023-39828 (Tenda A18 V15.13.07.09 was discovered to contain a stack
overflow via ...)
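Review bot: On the CVE-2023-40013 line, "NOT-FOR-US: SVG Loader" is a generic name for what the description calls "a javascript library that fetches SVGs"; a qualifier taken from the description, such as "NOT-FOR-US: SVG Loader (javascript library)", would make it harder to confuse with unrelated SVG-loading code in later triage. For CVE-2023-40453 the description bounds the affected range at "through 0.16.2", so it is worth confirming that no Docker-related source package carries a Docker Machine copy in that range before the TODO is closed.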
@@ -342,7 +342,7 @@ CVE-2023-38687 (Svelecte is a flexible autocomplete/select
component written in
CVE-2023-35689 (In checkDebuggingDisallowed of DeviceVersionFragment.java,
there is a ...)
NOT-FOR-US: Android
CVE-2023-32358 (A type confusion issue was addressed with improved checks.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-4322 (Heap-based Buffer Overflow in GitHub repository
radareorg/radare2 prio ...)
- radare2 <unfixed>
NOTE:
https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd
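Review bot: The new tag on CVE-2023-32358 is the vendor name only ("NOT-FOR-US: Apple"), and the visible description ("A type confusion issue was addressed with improved checks. This issue ...") does not say which component is affected. Debian ships WebKit as webkit2gtk and wpewebkit, so an Apple entry is NFU only once WebKit has been ruled out from the full advisory text. If that holds, naming the affected product in the tag instead of the vendor would record why the entry was closed.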
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/783145e49ed4434d5bf2ea9b8c324339b537363b