[Git][security-tracker-team/security-tracker][master] new hamster-time-tracker issue (might be bogus), NFU

Fri, 06 Oct 2023 06:13:29 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6122b59e by Moritz Muehlenhoff at 2023-10-06T15:12:44+02:00
new hamster-time-tracker issue (might be bogus), NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2463,7 +2463,7 @@ CVE-2023-42147 (An issue in CloudExplorer Lite 1.3.1 
allows an attacker to obtai
 CVE-2023-41902 (An XPC misconfiguration vulnerability in CoreCode MacUpdater 
before 2. ...)
        NOT-FOR-US: CoreCode MacUpdater
 CVE-2023-41484 (An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to 
obtain s ...)
-       TODO: check
+       NOT-FOR-US: imgcat
 CVE-2023-41375 (Use after free vulnerability exists in Kostac PLC Programming 
Software ...)
        NOT-FOR-US: KostacKostac PLC Programming Software
 CVE-2023-41374 (Double free issue exists in Kostac PLC Programming Software 
Version 1. ...)
@@ -3093,7 +3093,9 @@ CVE-2023-37755 (i-doit pro 25 and below and I-doit open 
25 and below are configu
 CVE-2023-37739 (i-doit Pro v25 and below was discovered to be vulnerable to 
path trave ...)
        NOT-FOR-US: I-doit pro
 CVE-2023-36250 (CSV Injection vulnerability in GNOME time tracker version 
3.0.2, allow ...)
-       TODO: check
+       - hamster-time-tracker <unfixed>
+       NOTE: 
https://github.com/BrunoTeixeira1996/CVE-2023-36250/blob/main/README.md
+       NOTE: Report sounds a little dubious, it's not really clear whether 
this cross any security boundary
 CVE-2023-2848 (Movim prior to version 0.22 is affected by a Cross-Site 
WebSocket Hija ...)
        NOT-FOR-US: Movim
 CVE-2023-4948 (The WooCommerce CVR Payment Gateway plugin for WordPress is 
vulnerable ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6122b59ed35db96cf44ea161057b98e24bfff1c1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6122b59ed35db96cf44ea161057b98e24bfff1c1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to