[Git][security-tracker-team/security-tracker][master] automatic update

Sun, 22 Oct 2023 01:12:22 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8e9b979e by security tracker role at 2023-10-22T08:11:55+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-46301 (iTerm2 before 3.4.20 allow (potentially remote) code execution 
because ...)
+       TODO: check
+CVE-2023-46300 (iTerm2 before 3.4.20 allow (potentially remote) code execution 
because ...)
+       TODO: check
+CVE-2023-46298 (Next.js before 13.4.20-canary.13 lacks a cache-control header 
and thus ...)
+       TODO: check
+CVE-2023-46078 (Cross-Site Request Forgery (CSRF) vulnerability in PluginEver 
WC Seria ...)
+       TODO: check
+CVE-2023-46067 (Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 
Rocket Fon ...)
+       TODO: check
+CVE-2023-38735 (IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow 
a remote ...)
+       TODO: check
+CVE-2023-38276 (IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes 
sensitive in ...)
+       TODO: check
+CVE-2023-38275 (IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes 
sensitive in ...)
+       TODO: check
 CVE-2023-5349 [memory leak]
        - ruby-rmagick 5.3.0-1
        NOTE: https://github.com/rmagick/rmagick/pull/1406
@@ -256,7 +272,8 @@ CVE-2023-46277 (please (aka pleaser) through 0.5.4 allows 
privilege escalation t
        - rust-pleaser <unfixed> (bug #1054289)
        NOTE: https://gitlab.com/edneville/please/-/issues/13
        NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0066.html
-CVE-2023-46267 (Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 
1.6.4 al ...)
+CVE-2023-46267
+       REJECTED
        - roundcube 1.6.4+dfsg-1
        NOTE: https://github.com/roundcube/roundcubemail/issues/9168
        NOTE: 
https://github.com/roundcube/roundcubemail/commit/41756cc3331b495cc0b71886984474dc529dd31d
 (1.6.4)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e9b979e2391bcca072af492ce0dc951c8869106

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e9b979e2391bcca072af492ce0dc951c8869106
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to