[Git][security-tracker-team/security-tracker][master] "new" issues in mongodb drivers

Mon, 04 Sep 2023 04:15:32 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
373c4df5 by Moritz Muehlenhoff at 2023-09-04T12:59:49+02:00
"new" issues in mongodb drivers

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -164733,7 +164733,20 @@ CVE-2021-32052 (In Django 2.2 before 2.2.22, 3.1 
before 3.1.10, and 3.2 before 3
 CVE-2021-32051 (Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL 
injection via ...)
        NOT-FOR-US: Hexagon G!nius Auskunftsportal
 CVE-2021-32050 (Some MongoDB Drivers may erroneously publish events containing 
authent ...)
-       TODO: check
+       - php-mongodb 1.11.1+1.9.2+1.7.5-4
+       [bullseye] - php-mongodb <no-dsa> (Minor issue)
+       - mongo-c-driver 1.18.0-1
+       [bullseye] - mongo-c-driver <no-dsa> (Minor issue)
+       - node-mongodb <unfixed>
+       [bookworm] - node-mongodb <no-dsa> (Minor issue)
+       [bullseye] - node-mongodb <no-dsa> (Minor issue)
+       NOTE: https://jira.mongodb.org/browse/PHPC-1869
+       NOTE: https://github.com/mongodb/mongo-php-driver/pull/1235
+       NOTE: https://jira.mongodb.org/browse/NODE-3356
+       NOTE: 
https://github.com/mongodb/node-mongodb-native/commit/8c8b4c3b8c55f10fb96f63d3bbfa5d408b4ed7d0
+       NOTE: 
https://github.com/mongodb/node-mongodb-native/commit/b98f2061de9e8b0a814e3e7d39a0e914245953d0
+       NOTE: https://jira.mongodb.org/browse/CDRIVER-3797
+       NOTE: 
https://github.com/mongodb/mongo-c-driver/commit/6d8fc7eaadea8a0dab163e88b91244af12e0c97a
 (1.18.0)
 CVE-2021-32049
        RESERVED
 CVE-2021-32048



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373c4df57e12d7339f8a786a5a0a0a08ff1c3861

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373c4df57e12d7339f8a786a5a0a0a08ff1c3861
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to