[Git][security-tracker-team/security-tracker][master] Associate some older CVEs with brpc, itp'ed

Salvatore Bonaccorso (@carnil) Wed, 13 Aug 2025 01:57:12 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b5f3507d by Salvatore Bonaccorso at 2025-08-13T10:56:37+02:00
Associate some older CVEs with brpc, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -165079,7 +165079,7 @@ CVE-2024-23764 (Certain WithSecure products allow 
Local Privilege Escalation. Th
 CVE-2024-23660 (The Binance Trust Wallet app for iOS in commit 
3cd6e8f647fbba8b5d8844f ...)
        NOT-FOR-US: Binance Trust Wallet app for iOS
 CVE-2024-23452 (Request smuggling vulnerability in HTTP server in Apache bRPC 
0.9.5~1. ...)
-       NOT-FOR-US: Apache bRPC
+       - brpc <itp> (bug #1060006)
 CVE-2024-22836 (An OS command injection vulnerability exists in Akaunting 
v3.1.3 and e ...)
        NOT-FOR-US: Akaunting
 CVE-2024-22795 (Insecure Permissions vulnerability in Forescout 
SecureConnector v.11.3 ...)
@@ -186648,7 +186648,7 @@ CVE-2023-45898 (The Linux kernel before 6.5.4 has an 
es1 use-after-free in fs/ex
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/768d612f79822d30a1e7d132a4d4b05337ce42ec (6.6-rc1)
 CVE-2023-45757 (Security vulnerability in Apache bRPC <=1.6.0 on all platforms 
allows  ...)
-       NOT-FOR-US: Apache bRPC
+       - brpc <itp> (bug #1060006)
 CVE-2023-45580 (Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 
v.23.08.2 ...)
        NOT-FOR-US: DI-7003GV2.D1
 CVE-2023-45579 (Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 
v.23.08.2 ...)
@@ -208951,7 +208951,7 @@ CVE-2023-31040
 CVE-2023-2246 (A vulnerability has been found in SourceCodester Online Pizza 
Ordering ...)
        NOT-FOR-US: SourceCodester
 CVE-2023-31039 (Security vulnerabilityin Apache bRPC <1.5.0 on all platforms 
allows at ...)
-       NOT-FOR-US: Apache bRPC
+       - brpc <itp> (bug #1060006)
 CVE-2023-31038 (SQL injection in Log4cxx when using the ODBC appender to send 
log mess ...)
        [experimental] - log4cxx 1.1.0-1~exp1
        - log4cxx 1.1.0-1 (unimportant)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5f3507d91c7cccfe9fb48d7120c120a04682b94

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5f3507d91c7cccfe9fb48d7120c120a04682b94
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Associate some older CVEs with brpc, itp'ed

Reply via email to