Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
db82479c by security tracker role at 2025-12-18T20:13:03+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,10 +1,250 @@
-CVE-2025-68325 [net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop]
+CVE-2025-9787 (Zohocorp ManageEngine Applications Manager versions 177400 and 
below a ...)
+       TODO: check
+CVE-2025-7358 (Use of Hard-coded Credentials vulnerability in Utarit 
Informatics Serv ...)
+       TODO: check
+CVE-2025-7047 (Missing Authorization vulnerability in Utarit Informatics 
Services Inc ...)
+       TODO: check
+CVE-2025-68469 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2025-68278 (Tina is a headless content management system. In tinacms prior 
to vers ...)
+       TODO: check
+CVE-2025-67745 (MyHoard is a daemon for creating, managing and restoring MySQL 
backups ...)
+       TODO: check
+CVE-2025-66058 (Missing Authorization vulnerability in PickPlugins Post Grid 
and Guten ...)
+       TODO: check
+CVE-2025-65568 (A denial-of-service vulnerability exists in the omec-project 
UPF (pfcp ...)
+       TODO: check
+CVE-2025-65567 (A denial-of-service vulnerability exists in the omec-project 
UPF (pfcp ...)
+       TODO: check
+CVE-2025-65566 (A denial-of-service vulnerability exists in the omec-project 
UPF (pfcp ...)
+       TODO: check
+CVE-2025-65565 (A denial-of-service vulnerability exists in the omec-project 
UPF (pfcp ...)
+       TODO: check
+CVE-2025-65564 (A denial-of-service vulnerability exists in the omec-upf 
(upf-epc-pfcp ...)
+       TODO: check
+CVE-2025-65563 (A denial-of-service vulnerability exists in the omec-project 
UPF (comp ...)
+       TODO: check
+CVE-2025-65562 (The free5GC UPF suffers from a lack of bounds checking on the 
SEID whe ...)
+       TODO: check
+CVE-2025-65561 (An issue was discovered in function LocalNode.Sess in free5GC 
4.1.0 al ...)
+       TODO: check
+CVE-2025-65559 (An issue was discovered in Open5GS 2.7.5-49-g465e90f, when 
processing  ...)
+       TODO: check
+CVE-2025-65011 (In WODESYS WD-R608U router (also known as WDR122B V2.0 and 
WDR28) an u ...)
+       TODO: check
+CVE-2025-65010 (WODESYSWD-R608U router (also known as WDR122B V2.0 and WDR28) 
is vulne ...)
+       TODO: check
+CVE-2025-65009 (In WODESYS WD-R608U router (also known as WDR122B V2.0 and 
WDR28)admin ...)
+       TODO: check
+CVE-2025-65008 (In WODESYS WD-R608U router (also known as WDR122B V2.0 and 
WDR28)due t ...)
+       TODO: check
+CVE-2025-65007 (In WODESYS WD-R608U router (also known asWDR122B V2.0 and 
WDR28) due t ...)
+       TODO: check
+CVE-2025-65000 (SSH private keys of the "Remote alert handlers (Linux)" rule 
were expo ...)
+       TODO: check
+CVE-2025-64997 (Insufficient permission validation in Checkmk versions prior 
to 2.4.0p ...)
+       TODO: check
+CVE-2025-64724 (Arduino IDE is an integrated development environment. Prior to 
version ...)
+       TODO: check
+CVE-2025-64723 (Arduino IDE is an integrated development environment. Prior to 
version ...)
+       TODO: check
+CVE-2025-64469 (There is a stack-based buffer overflow vulnerability in NI 
LabVIEW in  ...)
+       TODO: check
+CVE-2025-64468 (There is a use-after-free vulnerability in 
sentry!sentry_span_set_data ...)
+       TODO: check
+CVE-2025-64467 (There is an out of bounds read vulnerability in NI LabVIEW in 
LVResFil ...)
+       TODO: check
+CVE-2025-64466 (There is an out of bounds read vulnerability in NI LabVIEW in 
lvre!Exe ...)
+       TODO: check
+CVE-2025-64465 (There is an out of bounds read vulnerability in NI LabVIEW in 
lvre!Dat ...)
+       TODO: check
+CVE-2025-64464 (There is an out of bounds read vulnerability in NI LabVIEW in 
lvre!Vis ...)
+       TODO: check
+CVE-2025-64463 (There is an out of bounds read vulnerability in NI LabVIEW in 
LVResour ...)
+       TODO: check
+CVE-2025-64462 (There is an out of bounds read vulnerability in NI LabVIEW in 
LVResFil ...)
+       TODO: check
+CVE-2025-64461 (There is an out of bounds write vulnerability in NI LabVIEW in 
mgocre_ ...)
+       TODO: check
+CVE-2025-64400 (Control Panel provides an API for pre-registering  into an 
enrollment  ...)
+       TODO: check
+CVE-2025-64355 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-64282 (Authorization Bypass Through User-Controlled Key vulnerability 
in Radi ...)
+       TODO: check
+CVE-2025-64236 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
+       TODO: check
+CVE-2025-64235 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2025-63757 (Integer overflow vulnerability in the yuv2ya16_X_c_template 
function i ...)
+       TODO: check
+CVE-2025-63391 (An authentication bypass vulnerability exists in Open-WebUI 
<=0.6.32 i ...)
+       TODO: check
+CVE-2025-63390 (An authentication bypass vulnerability exists in AnythingLLM 
v1.8.5 in ...)
+       TODO: check
+CVE-2025-63389 (A critical authentication bypass vulnerability exists in 
Ollama platfo ...)
+       TODO: check
+CVE-2025-63388 (A Cross-Origin Resource Sharing (CORS) misconfiguration 
vulnerability  ...)
+       TODO: check
+CVE-2025-63387 (Dify v1.9.1 is vulnerable to Insecure Permissions. An 
unauthenticated  ...)
+       TODO: check
+CVE-2025-63386 (A Cross-Origin Resource Sharing (CORS) misconfiguration 
vulnerability  ...)
+       TODO: check
+CVE-2025-63043 (Authorization Bypass Through User-Controlled Key vulnerability 
in Pick ...)
+       TODO: check
+CVE-2025-63002 (Missing Authorization vulnerability in wpforchurch Sermon 
Manager allo ...)
+       TODO: check
+CVE-2025-62998 (Insertion of Sensitive Information Into Sent Data 
vulnerability in WP  ...)
+       TODO: check
+CVE-2025-62961 (Missing Authorization vulnerability in Sparkle WP Sparkle FSE 
allows E ...)
+       TODO: check
+CVE-2025-62960 (Missing Authorization vulnerability in Sparkle WP Construction 
Light a ...)
+       TODO: check
+CVE-2025-59949 (FreshRSS is a free, self-hostable RSS aggregator. Versions 
prior to 1. ...)
+       TODO: check
+CVE-2025-56157 (Default credentials in Dify thru 1.5.1. PostgreSQL username 
and passwo ...)
+       TODO: check
+CVE-2025-40898 (A path traversal vulnerability was discovered in the Import 
Arc data a ...)
+       TODO: check
+CVE-2025-40893 (A Stored HTML Injection vulnerability was discovered in the 
Asset List ...)
+       TODO: check
+CVE-2025-40892 (A Stored Cross-Site Scripting vulnerability was discovered in 
the Repo ...)
+       TODO: check
+CVE-2025-40891 (A Stored HTML Injection vulnerability was discovered in the 
Time Machi ...)
+       TODO: check
+CVE-2025-40602 (A local privilege escalation vulnerability due to insufficient 
authori ...)
+       TODO: check
+CVE-2025-1031 (Authorization Bypass Through User-Controlled Key vulnerability 
in Utar ...)
+       TODO: check
+CVE-2025-1030 (Exposure of Private Personal Information to an Unauthorized 
Actor vuln ...)
+       TODO: check
+CVE-2025-1029 (Use of Hard-coded Credentials vulnerability in Utarit 
Information Serv ...)
+       TODO: check
+CVE-2025-14896 (due to insufficient sanitazation in Vega\u2019s `convert()` 
function w ...)
+       TODO: check
+CVE-2025-14889 (A security flaw has been discovered in Campcodes Advanced 
Voting Manag ...)
+       TODO: check
+CVE-2025-14885 (A flaw has been found in SourceCodester Client Database 
Management Sys ...)
+       TODO: check
+CVE-2025-14884 (A vulnerability was detected in D-Link DIR-605 202WWB03. 
Affected by t ...)
+       TODO: check
+CVE-2025-14879 (A weakness has been identified in Tenda WH450 1.0.0.18. 
Affected is an ...)
+       TODO: check
+CVE-2025-14878 (A security flaw has been discovered in Tenda WH450 1.0.0.18. 
This impa ...)
+       TODO: check
+CVE-2025-14877 (A vulnerability was identified in Campcodes Supplier 
Management System ...)
+       TODO: check
+CVE-2025-14874 (A flaw was found in Nodemailer. This vulnerability allows a 
denial of  ...)
+       TODO: check
+CVE-2025-14861 (Memory safety bugs present in Firefox 146. Some of these bugs 
showed e ...)
+       TODO: check
+CVE-2025-14860 (Use-after-free in the Disability Access APIs component. This 
vulnerabi ...)
+       TODO: check
+CVE-2025-14823 (In deployments using the ScreenConnect\u2122 Certificate 
Signing Exten ...)
+       TODO: check
+CVE-2025-14744 (Unicode RTLO characters could allow malicious websites to 
spoof filena ...)
+       TODO: check
+CVE-2025-14739 (Access of Uninitialized Pointer vulnerability in TP-Link 
WR940N and WR ...)
+       TODO: check
+CVE-2025-14738 (Improper authentication vulnerability in TP-Link WA850RE 
(httpd module ...)
+       TODO: check
+CVE-2025-14737 (Command Injection vulnerability in TP-Link WA850RE (httpd 
modules) all ...)
+       TODO: check
+CVE-2025-14618 (The Sweet Energy Efficiency plugin for WordPress is vulnerable 
to unau ...)
+       TODO: check
+CVE-2025-14437 (The Hummingbird Performance plugin for WordPress is vulnerable 
to Sens ...)
+       TODO: check
+CVE-2025-14364 (The Demo Importer Plus plugin for WordPress is vulnerable to 
unauthori ...)
+       TODO: check
+CVE-2025-14277 (The Prime Slider \u2013 Addons for Elementor plugin for 
WordPress is v ...)
+       TODO: check
+CVE-2025-13730 (The OpenID Connect Generic Client plugin for WordPress is 
vulnerable t ...)
+       TODO: check
+CVE-2025-13641 (The Photo Gallery, Sliders, Proofing and Themes \u2013 NextGEN 
Gallery ...)
+       TODO: check
+CVE-2025-13110 (The HUSKY \u2013 Products Filter Professional for WooCommerce 
plugin f ...)
+       TODO: check
+CVE-2025-10910 (A flaw in the binding process of Govee\u2019s cloud platform 
and devic ...)
+       TODO: check
+CVE-2024-58323 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2024-58322 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2024-58321 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2024-58320 (An information disclosure vulnerability in Kentico Xperience 
allows pu ...)
+       TODO: check
+CVE-2024-58319 (A reflected cross-site scripting vulnerability in Kentico 
Xperience al ...)
+       TODO: check
+CVE-2024-58318 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2024-58317 (A cookie security configuration vulnerability in Kentico 
Xperience all ...)
+       TODO: check
+CVE-2023-53944 (EasyPHP Webserver 14.1 contains a path traversal vulnerability 
that al ...)
+       TODO: check
+CVE-2023-53943 (GLPI 9.5.7 contains a username enumeration vulnerability in 
the lost p ...)
+       TODO: check
+CVE-2023-53942 (File Thingie 2.5.7 contains an authenticated file upload 
vulnerability ...)
+       TODO: check
+CVE-2023-53941 (EasyPHP Webserver 14.1 contains an OS command injection 
vulnerability  ...)
+       TODO: check
+CVE-2023-53940 (Codigo Markdown Editor 1.0.1 contains a code execution 
vulnerability t ...)
+       TODO: check
+CVE-2023-53939 (TinyWebGallery v2.5 contains a stored cross-site scripting 
vulnerabili ...)
+       TODO: check
+CVE-2023-53938 (RockMongo 1.1.7 contains a stored cross-site scripting 
vulnerability t ...)
+       TODO: check
+CVE-2023-53937 (Hubstaff 1.6.14 contains a DLL search order hijacking 
vulnerability th ...)
+       TODO: check
+CVE-2023-53936 (Cameleon CMS 2.7.4 contains a persistent cross-site scripting 
vulnerab ...)
+       TODO: check
+CVE-2023-53935 (WBiz Desk 1.2 contains a SQL injection vulnerability that 
allows non-a ...)
+       TODO: check
+CVE-2023-53934 (A denial of service vulnerability in Kentico Xperience allows 
attacker ...)
+       TODO: check
+CVE-2023-53738 (A reflected cross-site scripting vulnerability in Kentico 
Xperience al ...)
+       TODO: check
+CVE-2023-53737 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2023-53736 (A reflected cross-site scripting vulnerability in Kentico 
Xperience al ...)
+       TODO: check
+CVE-2022-50686 (An information disclosure vulnerability in Kentico Xperience 
allows at ...)
+       TODO: check
+CVE-2022-50685 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2022-50684 (An HTML injection vulnerability in Kentico Xperience allows 
attackers  ...)
+       TODO: check
+CVE-2022-50683 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2022-50682 (A CRLF injection vulnerability in Kentico Xperience allows 
attackers t ...)
+       TODO: check
+CVE-2022-50681 (A reflected cross-site scripting vulnerability in Kentico 
Xperience al ...)
+       TODO: check
+CVE-2022-50680 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2021-47712 (A cryptography vulnerability in Kentico Xperience allows 
attackers to  ...)
+       TODO: check
+CVE-2021-47711 (A SQL injection vulnerability in Kentico Xperience allows 
authenticate ...)
+       TODO: check
+CVE-2020-36891 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2020-36890 (An access control bypass vulnerability in Kentico Xperience 
allows adm ...)
+       TODO: check
+CVE-2020-36889 (A stored cross-site scripting vulnerability in Kentico 
Xperience allow ...)
+       TODO: check
+CVE-2019-25230 (An information disclosure vulnerability in Kentico Xperience 
allows au ...)
+       TODO: check
+CVE-2019-25229 (An unrestricted file upload vulnerability in Kentico Xperience 
allows  ...)
+       TODO: check
+CVE-2019-25228 (An information disclosure vulnerability in Kentico Xperience 
allows at ...)
+       TODO: check
+CVE-2025-68325 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/9fefc78f7f02d71810776fdeb119a05a946a27cc (6.19-rc1)
-CVE-2025-68324 [scsi: imm: Fix use-after-free bug caused by unfinished delayed 
work]
+CVE-2025-68324 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/ab58153ec64fa3fc9aea09ca09dc9322e0b54a7c (6.19-rc1)
-CVE-2025-68323 [usb: typec: ucsi: fix use-after-free caused by uec->work]
+CVE-2025-68323 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux <unfixed>
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
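
Review bot: Every entry added at the top of this hunk, from CVE-2025-9787 down to CVE-2019-25228, carries only "TODO: check", so none of them is classified yet. The WordPress plugin entries (for example CVE-2025-14618, CVE-2025-14437 and CVE-2025-14364) can take the "NOT-FOR-US: WordPress plugin" form this file already uses further down, while entries whose descriptions name ImageMagick (CVE-2025-68469) or Firefox (CVE-2025-14861) need package lines rather than a NOT-FOR-US marker. Several of the new descriptions also contain literal escape sequences such as "\u2019", "\u2122" and "\u2013" instead of the characters themselves, which is worth normalising in the import step. The three kernel entries (CVE-2025-68325, CVE-2025-68324, CVE-2025-68323) only swap the bracketed placeholder title for the parenthesised description and keep their status lines, which looks correct.
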
@@ -2369,10 +2609,12 @@ CVE-2025-14652 (A vulnerability was found in 
itsourcecode Online Cake Ordering S
 CVE-2025-14651 (A vulnerability has been found in MartialBE one-hub up to 
0.14.27. Thi ...)
        NOT-FOR-US: MartialBE one-hub
 CVE-2025-68461 (Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone 
to a Cr ...)
+       {DLA-4415-1}
        - roundcube 1.6.12+dfsg-1 (bug #1122899)
        NOTE: 
https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
        NOTE: Fixed by: 
https://github.com/roundcube/roundcubemail/commit/bfa032631c36b900e7444dfa278340b33cbf7cdb
 (1.6.12)
 CVE-2025-68460 (Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone 
to a in ...)
+       {DLA-4415-1}
        - roundcube 1.6.12+dfsg-1 (bug #1122899)
        NOTE: 
https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
        NOTE: Fixed by: 
https://github.com/roundcube/roundcubemail/commit/08de250fba731b634bed188bbe18d2f6ef3c7571
 (1.6.12)
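
Review bot: On CVE-2025-68461 and CVE-2025-68460 the added "{DLA-4415-1}" is the only advisory reference, and the only status line visible is "- roundcube 1.6.12+dfsg-1 (bug #1122899)". The descriptions name both the 1.5 and the 1.6 branch as affected ("before 1.5.12 and 1.6 before 1.6.12"), so please confirm that the stable suites are tracked as well, either through a DSA reference or through explicit per-release lines on these two entries.
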
@@ -2410,7 +2652,7 @@ CVE-2025-12696 (The HelloLeads CRM Form Shortcode 
WordPress plugin through 1.0 d
        NOT-FOR-US: WordPress plugin
 CVE-2025-12537 (The Addon Elements for Elementor plugin for WordPress is 
vulnerable to ...)
        NOT-FOR-US: WordPress plugin
-CVE-2025-67896 (Exim before 4.99.1 allows remote heap corruption that will be 
further  ...)
+CVE-2025-67896 (Exim before 4.99.1, with certain non-default rate-limit 
configurations ...)
        - exim4 4.99-7
        [trixie] - exim4 <not-affected> (Vulnerable code not present)
        [bookworm] - exim4 <not-affected> (Vulnerable code not present)
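
Review bot: For CVE-2025-67896 the new description narrows the issue to "certain non-default rate-limit configurations" but still reads "Exim before 4.99.1", while the fixed version on the next line stays "- exim4 4.99-7". A NOTE line naming the fix that 4.99-7 carries would make that version pair self-explanatory, if one is not already present below the visible context.
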
@@ -2536,7 +2778,7 @@ CVE-2025-46276 (An information disclosure issue was 
addressed with improved priv
 CVE-2025-43542 (This issue was addressed with improved state management. This 
issue is ...)
        NOT-FOR-US: Apple
 CVE-2025-43541 (A type confusion issue was addressed with improved state 
handling. Thi ...)
-       {DSA-6083-1}
+       {DSA-6083-1 DLA-4414-1}
        - webkit2gtk 2.50.4-1
        - wpewebkit 2.50.4-1
        [trixie] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Trixie)
@@ -2548,7 +2790,7 @@ CVE-2025-43539 (The issue was addressed with improved 
bounds checks. This issue
 CVE-2025-43538 (A logging issue was addressed with improved data redaction. 
This issue ...)
        NOT-FOR-US: Apple
 CVE-2025-43536 (A use-after-free issue was addressed with improved memory 
management.  ...)
-       {DSA-6083-1}
+       {DSA-6083-1 DLA-4414-1}
        - webkit2gtk 2.50.4-1
        - wpewebkit 2.50.4-1
        [trixie] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Trixie)
@@ -2556,7 +2798,7 @@ CVE-2025-43536 (A use-after-free issue was addressed with 
improved memory manage
        [bullseye] - wpewebkit <end-of-life> (see #1035997)
        NOTE: https://webkitgtk.org/security/WSA-2025-0010.html
 CVE-2025-43535 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       {DSA-6083-1}
+       {DSA-6083-1 DLA-4414-1}
        - webkit2gtk 2.50.4-1
        - wpewebkit 2.50.4-1
        [trixie] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Trixie)
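
Review bot: The change from "{DSA-6083-1}" to "{DSA-6083-1 DLA-4414-1}" on CVE-2025-43535, repeated on the neighbouring WebKit entries in the surrounding hunks, is recorded at CVE level although each entry lists both webkit2gtk and wpewebkit. The context at the top of this hunk shows "[bullseye] - wpewebkit <end-of-life> (see #1035997)", so the DLA can only be fixing webkit2gtk there. Please check that the DLA-4414-1 record names webkit2gtk alone, so that the CVE-level tag is not read as covering wpewebkit.
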
@@ -2566,7 +2808,7 @@ CVE-2025-43535 (The issue was addressed with improved 
memory handling. This issu
 CVE-2025-43532 (A memory corruption issue was addressed with improved bounds 
checking. ...)
        NOT-FOR-US: Apple
 CVE-2025-43531 (A race condition was addressed with improved state handling. 
This issu ...)
-       {DSA-6083-1}
+       {DSA-6083-1 DLA-4414-1}
        - webkit2gtk 2.50.4-1
        - wpewebkit 2.50.4-1
        [trixie] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Trixie)
@@ -2576,7 +2818,7 @@ CVE-2025-43531 (A race condition was addressed with 
improved state handling. Thi
 CVE-2025-43530 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
        NOT-FOR-US: Apple
 CVE-2025-43529 (A use-after-free issue was addressed with improved memory 
management.  ...)
-       {DSA-6083-1}
+       {DSA-6083-1 DLA-4414-1}
        - webkit2gtk 2.50.4-1
        - wpewebkit 2.50.4-1
        [trixie] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Trixie)
@@ -2614,7 +2856,7 @@ CVE-2025-43509 (This issue was addressed with improved 
data protection. This iss
 CVE-2025-43506 (A logic error was addressed with improved error handling. This 
issue i ...)
        NOT-FOR-US: Apple
 CVE-2025-43501 (A buffer overflow issue was addressed with improved memory 
handling. T ...)
-       {DSA-6083-1}
+       {DSA-6083-1 DLA-4414-1}
        - webkit2gtk 2.50.4-1
        - wpewebkit 2.50.4-1
        [trixie] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Trixie)
@@ -2851,7 +3093,7 @@ CVE-2025-14565 (A vulnerability was identified in kidaze 
CourseSelectionSystem u
 CVE-2025-14442 (The Secure Copy Content Protection and Content Locking plugin 
for Word ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-14174 (Out of bounds memory access in ANGLE in Google Chrome on Mac 
prior to  ...)
-       {DSA-6083-1}
+       {DSA-6083-1 DLA-4414-1}
        - chromium <not-affected> (Only affects Chromium on MacOS)
        - webkit2gtk 2.50.4-1
        - wpewebkit 2.50.4-1
@@ -6109,6 +6351,7 @@ CVE-2022-50631 (In the Linux kernel, the following 
vulnerability has been resolv
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/96df59b1ae23f5c11698c3c2159aeb2ecd4944a4 (6.2-rc1)
 CVE-2025-62408 (c-ares is an asynchronous resolver library. Versions 1.32.3 
through 1. ...)
+       {DSA-6084-1}
        - c-ares 1.34.6-1
        [bookworm] - c-ares <not-affected> (Vulnerable code introduced later)
        [bullseye] - c-ares <not-affected> (Vulnerable code introduced later)
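
Review bot: "{DSA-6084-1}" is added to CVE-2025-62408 while the visible per-release lines mark both "[bookworm]" and "[bullseye]" as "<not-affected> (Vulnerable code introduced later)", and no "[trixie]" line appears in the context. The DSA therefore has to apply to trixie only. Please confirm that the DSA-6084-1 record is scoped to that suite, so the advisory tag and the not-affected lines do not contradict each other.
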
@@ -278415,10 +278658,10 @@ CVE-2023-23608 (Spotipy is a light weight Python 
library for the Spotify Web API
        NOT-FOR-US: Spotipy
 CVE-2023-23607 (erohtar/Dasherr is a dashboard for self-hosted services. In 
affected v ...)
        NOT-FOR-US: Dasherr
-CVE-2023-23606 (Memory safety bugs present in Firefox 108. Some of these bugs 
showed e ...)
+CVE-2023-23606 (Mozilla developers and the Mozilla Fuzzing Team reported 
memory safety ...)
        - firefox 109.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23606
-CVE-2023-23605 (Memory safety bugs present in Firefox 108 and Firefox ESR 
102.6. Some  ...)
+CVE-2023-23605 (Mozilla developers and the Mozilla Fuzzing Team reported 
memory safety ...)
        {DSA-5355-1 DSA-5322-1 DLA-3324-1 DLA-3275-1}
        - firefox 109.0-1
        - firefox-esr 102.7.0esr-1
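
Review bot: After this change CVE-2023-23606 and CVE-2023-23605 show the same truncated description, "Mozilla developers and the Mozilla Fuzzing Team reported memory safety ...", and the affected versions that the old text exposed (Firefox 108, and Firefox 108 with Firefox ESR 102.6) fall past the truncation point. The package lines and the mfsa NOTE links are now the only way to tell the two entries apart in the list, so they should stay in place on both.
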
@@ -278426,7 +278669,7 @@ CVE-2023-23605 (Memory safety bugs present in Firefox 
108 and Firefox ESR 102.6.
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23605
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23605
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/#CVE-2023-23605
-CVE-2023-23604 (A duplicate <code>SystemPrincipal</code> object could be 
created when  ...)
+CVE-2023-23604 (A duplicate `SystemPrincipal` object could be created when 
parsing a n ...)
        - firefox 109.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23604
 CVE-2023-23603 (Regular expressions used to filter out forbidden properties 
and values ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db82479c6bf281c766ed8b069ba87fd463cae96a
