Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f38ac6d0 by Moritz Muehlenhoff at 2024-05-28T22:45:23+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -300,7 +300,6 @@ CVE-2023-6349 (A heap overflow vulnerability exists in
libvpx -Encoding a frame
NOTE: Same upstream commit as CVE-2023-44488
CVE-2023-50977
REJECTED
- NOTE: Disputed GNOME Shell issue
CVE-2022-4969 (A vulnerability, which was classified as critical, has been
found in b ...)
NOT-FOR-US: rockhopper Python library (different from src:rockhopper)
CVE-2024-5403 (ASKEY 5G NR Small Cell fails to properly filter user input for
certain ...)
@@ -536,7 +535,7 @@ CVE-2024-33470 (An issue in the SMTP Email Settings of
AVTECH Room Alert 4E v4.4
CVE-2024-33427
REJECTED
CVE-2024-31510 (An issue in Open Quantum Safe liboqs v.10.0 allows a remote
attacker t ...)
- - liboqs <unfixed>
+ - liboqs <unfixed> (bug #1072118)
NOTE: https://github.com/liang-junkai/Fault-injection-of-ML-DSA
CVE-2024-22588 (Kwik commit 745fd4e2 does not discard unused encryption keys.)
NOT-FOR-US: Kwik
@@ -4650,11 +4649,10 @@ CVE-2024-3745 (MSI Afterburner v4.6.6.16381 Beta 3 is
vulnerable to an ACL Bypas
NOT-FOR-US: MSI Afterburner
CVE-2024-3658
REJECTED
- NOT-FOR-US: WordPress plugin
CVE-2024-36043 (question_image.ts in SurveyJS Form Library before 1.10.4
allows conten ...)
NOT-FOR-US: SurveyJS Form Library
CVE-2024-34083 (aiosmptd is a reimplementation of the Python stdlib smtpd.py
based on ...)
- - python-aiosmtpd <unfixed>
+ - python-aiosmtpd <unfixed> (bug #1072119)
[bookworm] - python-aiosmtpd <no-dsa> (Minor issue)
[bullseye] - python-aiosmtpd <no-dsa> (Minor issue)
NOTE:
https://github.com/aio-libs/aiosmtpd/security/advisories/GHSA-wgjv-9j3q-jhg8
@@ -5452,7 +5450,7 @@ CVE-2024-22145 (Improper Privilege Management
vulnerability in InstaWP Team Inst
CVE-2024-22139 (Authentication Bypass by Spoofing vulnerability in Filipe
Seabra WordP ...)
NOT-FOR-US: WordPress plugin
CVE-2024-22120 (Zabbix server can perform command execution for configured
scripts. Af ...)
- - zabbix <unfixed>
+ - zabbix <unfixed> (bug #1072120)
NOTE: https://support.zabbix.com/browse/ZBX-24505
CVE-2024-21746 (Authentication Bypass by Spoofing vulnerability in Wpmet Wp
Ultimate R ...)
NOT-FOR-US: WordPress plugin
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f38ac6d0236380de377bbc03963ad6707c3ed5f4
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f38ac6d0236380de377bbc03963ad6707c3ed5f4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
