[Git][security-tracker-team/security-tracker][master] Add CVE-2023-45803/python-urllib3

Thu, 19 Oct 2023 06:29:47 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a0fc7dec by Salvatore Bonaccorso at 2023-10-19T15:29:06+02:00
Add CVE-2023-45803/python-urllib3

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -233,7 +233,9 @@ CVE-2023-45902 (Dreamer CMS v4.1.3 was discovered to 
contain a Cross-Site Reques
 CVE-2023-45901 (Dreamer CMS v4.1.3 was discovered to contain a Cross-Site 
Request Forg ...)
        NOT-FOR-US: Dreamer CMS
 CVE-2023-45803 (urllib3 is a user-friendly HTTP client library for Python. 
urllib3 pre ...)
-       TODO: check
+       - python-urllib3 <unfixed>
+       NOTE: 
https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
+       NOTE: 
https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36
 (1.26.18)
 CVE-2023-45010 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Alex ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-45007 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Fotomoto ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0fc7decd59862034c48f8a7c8086aa2999de48d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0fc7decd59862034c48f8a7c8086aa2999de48d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to