[Git][security-tracker-team/security-tracker][master] Add CVE-2023-2142/node-nunjucks

Tue, 26 Nov 2024 13:06:58 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d7cdb876 by Salvatore Bonaccorso at 2024-11-26T22:06:28+01:00
Add CVE-2023-2142/node-nunjucks

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -128026,7 +128026,9 @@ CVE-2023-2144 (A vulnerability was found in Campcodes 
Online Thesis Archiving Sy
 CVE-2023-2143 (The Enable SVG, WebP & ICO Upload WordPress plugin through 
1.0.3 does  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-2142 (In Nunjucks versions prior to version 3.2.4, it was  possible 
to bypas ...)
-       TODO: check
+       - node-nunjucks <unfixed>
+       NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1825980
+       NOTE: 
https://github.com/mozilla/nunjucks/security/advisories/GHSA-x77j-w7wf-fjmw
 CVE-2023-2141 (An unsafe .NET object deserialization in DELMIA Apriso Release 
2017 th ...)
        NOT-FOR-US: DELMIA Apriso
 CVE-2023-2140 (A Server-Side Request Forgery vulnerability in DELMIA Apriso 
Release   ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7cdb876869499420bba5a039617299194ed128f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7cdb876869499420bba5a039617299194ed128f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to