[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage

Wed, 23 Aug 2023 05:39:10 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6768eaac by Moritz Muehlenhoff at 2023-08-23T14:38:29+02:00
bullseye/bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,16 +59,19 @@ CVE-2023-38906 (An issue in TPLink Smart bulb Tapo series 
L530 v.1.0.0 and Tapo
 CVE-2023-38732 (IBM Robotic Process Automation 21.0.0 through 21.0.7 server 
could allo ...)
        NOT-FOR-US: IBM
 CVE-2023-38668 (Stack-based buffer over-read in disasm in nasm 2.16 allows 
attackers t ...)
-       - nasm <unfixed>
+       - nasm <unfixed> (unimportant)
        NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392811
+       NOTE: Crash in CLI tool, no security impact
 CVE-2023-38667 (Stack-based buffer over-read in function disasm in nasm 2.16 
allows at ...)
-       - nasm <unfixed>
+       - nasm <unfixed> (unimportant)
        NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392812
+       NOTE: Crash in CLI tool, no security impact
 CVE-2023-38666 (Bento4 v1.6.0-639 was discovered to contain a segmentation 
violation v ...)
        NOT-FOR-US: Bento4
 CVE-2023-38665 (Null pointer dereference in ieee_write_file in nasm 2.16rc0 
allows att ...)
-       - nasm <unfixed>
+       - nasm <unfixed> (unimportant)
        NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392818
+       NOTE: Crash in CLI tool, no security impact
 CVE-2023-37440 (A vulnerability in the web-based management interfaceof 
EdgeConnect SD ...)
        NOT-FOR-US: Aruba
 CVE-2023-37439 (Multiple vulnerabilities in the web-based managementinterface 
of EdgeC ...)
@@ -219,6 +222,7 @@ CVE-2023-38976 (An issue in weaviate v.1.20.0 allows a 
remote attacker to cause
        NOT-FOR-US: weaviate
 CVE-2023-38961 (Buffer Overflwo vulnerability in JerryScript Project 
jerryscript v.3.0 ...)
        - iotjs <removed>
+       [bullseye] - iotjs <ignored> (Minor issue)
        NOTE: https://github.com/jerryscript-project/jerryscript/issues/5092
 CVE-2023-38899 (SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows 
a local ...)
        NOT-FOR-US: berkaygediz O_Blog



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6768eaac994a336a215479bc645a202cbee8f4ba

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6768eaac994a336a215479bc645a202cbee8f4ba
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to