Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
169c7c1f by security tracker role at 2026-06-29T19:13:34+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,12 +1,274 @@
-CVE-2026-54371
+CVE-2026-9267 (Eclipse tinydtls before 
commitb3efd41ad111a4920f599f51ffa4f5e9f1e72221 ...)
+       TODO: check
+CVE-2026-9105 (An authenticated stack-based buffer overflow vulnerability 
exists in t ...)
+       TODO: check
+CVE-2026-58000 (luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, 
contains a ...)
+       TODO: check
+CVE-2026-57999 (luci-app-tailscale-community contains a command injection 
vulnerabilit ...)
+       TODO: check
+CVE-2026-57966 (A path traversal vulnerability was found in spice-vdagent. 
This flaw a ...)
+       TODO: check
+CVE-2026-57965 (A flaw was found in spice-vdagent. A malicious or compromised 
SPICE ho ...)
+       TODO: check
+CVE-2026-57960 (Hi.Events through 1.9.0 public check-in list endpoints use 
short_id as ...)
+       TODO: check
+CVE-2026-57959 (Hi.Events through 1.9.0 contains a promo code validation 
vulnerability ...)
+       TODO: check
+CVE-2026-57958 (Mixpost through 2.6.0 contains a reflected cross-site 
scripting vulner ...)
+       TODO: check
+CVE-2026-57957 (Papermark through 0.22.0 contains a cross-origin resource 
sharing (COR ...)
+       TODO: check
+CVE-2026-57956 (SigNoz through 0.130.1 contains a broken access control 
vulnerability  ...)
+       TODO: check
+CVE-2026-57955 (SigNoz through 0.130.1 contains a SQL injection vulnerability 
that all ...)
+       TODO: check
+CVE-2026-57954 (Elide through 7.1.17 fails to enforce @ReadPermission on 
client-suppli ...)
+       TODO: check
+CVE-2026-57953 (Mythic before 3.4.0.60 contains an authorization bypass 
vulnerability  ...)
+       TODO: check
+CVE-2026-57952 (Mythic before 3.4.0.60 contains an authorization bypass 
vulnerability  ...)
+       TODO: check
+CVE-2026-57951 (Mythic before 3.4.0.60 contains a broken hasura permission 
filter on t ...)
+       TODO: check
+CVE-2026-57950 (ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 
contains a brok ...)
+       TODO: check
+CVE-2026-57949 (ruoyi-vue-pro through 2026.05, fixed in commit c779a47, 
contains a mis ...)
+       TODO: check
+CVE-2026-57948 (Pinpoint through version 3.1.0 contains an insecure session 
management ...)
+       TODO: check
+CVE-2026-57947 (Pinpoint through 3.1.0 contains a server-side request forgery 
vulnerab ...)
+       TODO: check
+CVE-2026-57946 (Invidious before version 2.20260626.0 contains a broken access 
control ...)
+       TODO: check
+CVE-2026-57945 (PhotoPrism before 260601-a7d098548 contains a broken access 
control vu ...)
+       TODO: check
+CVE-2026-57943 (LibrePhotos before 1.0.0 contains a broken object level 
authorization  ...)
+       TODO: check
+CVE-2026-57942 (LibreTranslate through 1.9.7, fixed in commit 397fd22, 
contains an IP  ...)
+       TODO: check
+CVE-2026-57676 (Authorization Bypass Through User-Controlled Key vulnerability 
in Matt ...)
+       TODO: check
+CVE-2026-57525
+       REJECTED
+CVE-2026-57523
+       REJECTED
+CVE-2026-57346 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2026-57341 (Unauthenticated Insecure Direct Object References (IDOR) in 
Colissimo  ...)
+       TODO: check
+CVE-2026-57340 (Unauthenticated Broken Access Control in Japanized For 
WooCommerce <=  ...)
+       TODO: check
+CVE-2026-57339 (Unauthenticated Broken Access Control in Business Directory <= 
6.4.23  ...)
+       TODO: check
+CVE-2026-57338 (Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 
version ...)
+       TODO: check
+CVE-2026-57337 (Unauthenticated Cross Site Scripting (XSS) in Landing Page 
Builder <=  ...)
+       TODO: check
+CVE-2026-57336 (Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 
versions ...)
+       TODO: check
+CVE-2026-57335 (Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 
versions.)
+       TODO: check
+CVE-2026-57334 (Unauthenticated Broken Access Control in WP User Frontend <= 
4.3.7 ver ...)
+       TODO: check
+CVE-2026-57333 (Unauthenticated Cross Site Scripting (XSS) in Link Whisper 
Free <= 0.9 ...)
+       TODO: check
+CVE-2026-57332 (Subscriber Broken Access Control in Wallet System for 
WooCommerce <= 2 ...)
+       TODO: check
+CVE-2026-57331 (Performer Arbitrary File Deletion in Paid Videochat Turnkey 
Site <= 7. ...)
+       TODO: check
+CVE-2026-57330 (Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 
3.7.27 ver ...)
+       TODO: check
+CVE-2026-57329 (Subscriber Cross Site Scripting (XSS) in WooCommerce Designer 
Pro <= 1 ...)
+       TODO: check
+CVE-2026-57328 (Subscriber Cross Site Scripting (XSS) in Business Directory <= 
6.4.22  ...)
+       TODO: check
+CVE-2026-57327 (Subscriber Broken Access Control in MainWP <= 6.1.1 versions.)
+       TODO: check
+CVE-2026-57326 (Unauthenticated Cross Site Scripting (XSS) in Business 
Directory <= 6. ...)
+       TODO: check
+CVE-2026-57320 (Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 
versions.)
+       TODO: check
+CVE-2026-56783 (Parseable before 2.9.2 contains an information disclosure 
vulnerabilit ...)
+       TODO: check
+CVE-2026-56782 (Gorse before 0.5.10 contains an authentication bypass 
vulnerability in ...)
+       TODO: check
+CVE-2026-56781 (Teable before 2026-06-15T04-43-24Z.1912 contains an improper 
access co ...)
+       TODO: check
+CVE-2026-56780 (Modoboa before 2.9.0 contains an insecure direct object 
reference vuln ...)
+       TODO: check
+CVE-2026-56457 (HCL DevOps Deploy / HCL Launch is susceptible to an exposure 
of sensit ...)
+       TODO: check
+CVE-2026-56290 (The Joomla extension Page Builder CK is vulnerable to an 
unauthenticat ...)
+       TODO: check
+CVE-2026-56285 (Nitter's /video media proxy endpoint fails to validate target 
URLs aga ...)
+       TODO: check
+CVE-2026-56124 (phpUploader before 2.0.2 contains an unauthenticated 
information discl ...)
+       TODO: check
+CVE-2026-55844 (Home Assistant is open source home automation software that 
puts local ...)
+       TODO: check
+CVE-2026-55607 (Claude Code is an agentic coding tool.  From 2.1.38 until 
2.1.163, Cla ...)
+       TODO: check
+CVE-2026-53428 (Memory Allocation with Excessive Size Value vulnerability in 
leandrocp ...)
+       TODO: check
+CVE-2026-53427 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2026-49049 (The Helix3 plugin for Joomla exposes an ajax handler task, 
that allows ...)
+       TODO: check
+CVE-2026-46406 (Claude Code is an agentic coding tool.  From 2.1.59 until 
2.1.128, the ...)
+       TODO: check
+CVE-2026-41992 (GNU gzip contains a global buffer overflow vulnerability in 
the LZH de ...)
+       TODO: check
+CVE-2026-41991 (GNU gzip contains a vulnerability in the gzexe utility related 
to inse ...)
+       TODO: check
+CVE-2026-41052 (Improper privilege handling could be used by users withProject 
Owner r ...)
+       TODO: check
+CVE-2026-40524 (FrontAccounting before 2.4.20 contains a SQL injection 
vulnerability i ...)
+       TODO: check
+CVE-2026-40523 (FrontAccounting before 2.4.20 contains a SQL injection 
vulnerability i ...)
+       TODO: check
+CVE-2026-40522 (FrontAccounting before 2.4.20 contains a SQL injection 
vulnerability i ...)
+       TODO: check
+CVE-2026-40521 (FrontAccounting before 2.4.20 contains a path traversal 
vulnerability  ...)
+       TODO: check
+CVE-2026-36848 (Gigamon GVOS v5.16.1 and below is vulnerable to Directory 
Traversal in ...)
+       TODO: check
+CVE-2026-25707 (A relative path traversal bug problem when processing 
repository metad ...)
+       TODO: check
+CVE-2026-22078 (Because O+ Connect's IPC service does not authenticate 
clients, extern ...)
+       TODO: check
+CVE-2026-13757 (A flaw was found in p11-kit. The RPC message attribute parsing 
functio ...)
+       TODO: check
+CVE-2026-13752 (Improper neutralization of parameters in Snowflake CLI 
versions prior  ...)
+       TODO: check
+CVE-2026-13751 (Improper handling of untrusted remote references in Snowflake 
CLI vers ...)
+       TODO: check
+CVE-2026-13750 (Insertion of sensitive information into log files in Snowflake 
CLI ver ...)
+       TODO: check
+CVE-2026-13749 (Improper neutralization in the Snowpark annotation processor 
callback  ...)
+       TODO: check
+CVE-2026-13748 (Improper restriction of file path resolution in Snowflake CLI 
versions ...)
+       TODO: check
+CVE-2026-13746 (Improper neutralization of local CLI parameters in Snowflake 
CLI versi ...)
+       TODO: check
+CVE-2026-13744 (Improper neutralization of attacker-controlled content in 
Snowflake CL ...)
+       TODO: check
+CVE-2026-13742 (Honeywell IQ MultiAccess, all versions prior to and including 
version  ...)
+       TODO: check
+CVE-2026-13676 (fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to 
canonicalize U ...)
+       TODO: check
+CVE-2026-13601 (A flaw was found in Yelp due to an overly permissive Content 
Security  ...)
+       TODO: check
+CVE-2026-13595 (A flaw was found in the libblkid library of util-linux. During 
nested  ...)
+       TODO: check
+CVE-2026-13592 (A vulnerability was detected in liftoff-sr CIPster up to 
e8e9dba09bf56 ...)
+       TODO: check
+CVE-2026-13591 (A weakness has been identified in DeepMyst Mysti 0.4.0. 
Affected is th ...)
+       TODO: check
+CVE-2026-13590 (A security flaw has been discovered in seladb PcapPlusPlus 
25.05. This ...)
+       TODO: check
+CVE-2026-13589 (A vulnerability was identified in seladb PcapPlusPlus 25.05. 
This affe ...)
+       TODO: check
+CVE-2026-13588 (A vulnerability was determined in seladb PcapPlusPlus 25.05. 
The impac ...)
+       TODO: check
+CVE-2026-13587 (A vulnerability was found in seladb PcapPlusPlus 25.05. The 
affected e ...)
+       TODO: check
+CVE-2026-13583 (A vulnerability has been found in Edimax EW-7478APC 1.04. 
Impacted is  ...)
+       TODO: check
+CVE-2026-13582 (A flaw has been found in Edimax EW-7478APC 1.04. This issue 
affects th ...)
+       TODO: check
+CVE-2026-13581 (A vulnerability was detected in Edimax EW-7478APC 1.04. This 
vulnerabi ...)
+       TODO: check
+CVE-2026-13580 (A security vulnerability has been detected in Edimax 
EW-7478APC 1.04.  ...)
+       TODO: check
+CVE-2026-13579 (A weakness has been identified in itsourcecode Hospital 
Management Sys ...)
+       TODO: check
+CVE-2026-13578 (A security flaw has been discovered in itsourcecode Hospital 
Managemen ...)
+       TODO: check
+CVE-2026-13574 (A vulnerability was determined in llvm llvm-project up to 
22.1.6. This ...)
+       TODO: check
+CVE-2026-13573 (A vulnerability was found in llvm llvm-project up to 22.1.6. 
This affe ...)
+       TODO: check
+CVE-2026-13572 (A vulnerability has been found in itsourcecode Hospital 
Management Sys ...)
+       TODO: check
+CVE-2026-13571 (A flaw has been found in SourceCodester Simple Food Ordering 
System 1. ...)
+       TODO: check
+CVE-2026-13570 (A vulnerability was detected in SourceCodester Inventory 
Management Sy ...)
+       TODO: check
+CVE-2026-13569 (A security vulnerability has been detected in weng-xianhu 
EyouCMS up t ...)
+       TODO: check
+CVE-2026-13568 (A weakness has been identified in SourceCodester Inventory 
Management  ...)
+       TODO: check
+CVE-2026-13567 (A security flaw has been discovered in code-projects Online 
Music Site ...)
+       TODO: check
+CVE-2026-13566 (A vulnerability was identified in SourceCodester Class and 
Exam Timeta ...)
+       TODO: check
+CVE-2026-13565 (A vulnerability was determined in SourceCodester Class and 
Exam Timeta ...)
+       TODO: check
+CVE-2026-13564 (A vulnerability was found in Edimax EW-7478APC 1.04. Affected 
is the f ...)
+       TODO: check
+CVE-2026-13563 (A vulnerability has been found in Edimax EW-7478APC 1.04. This 
impacts ...)
+       TODO: check
+CVE-2026-13562 (A flaw has been found in Edimax EW-7478APC 1.04. This affects 
the func ...)
+       TODO: check
+CVE-2026-13561 (A vulnerability was detected in Edimax EW-7478APC 1.04. The 
impacted e ...)
+       TODO: check
+CVE-2026-13560 (A security vulnerability has been detected in Edimax 
EW-7478APC 1.04.  ...)
+       TODO: check
+CVE-2026-13559 (A weakness has been identified in code-projects Real State 
Services 1. ...)
+       TODO: check
+CVE-2026-13558 (A security flaw has been discovered in CodeAstro Complaint 
Management  ...)
+       TODO: check
+CVE-2026-13557 (A vulnerability was identified in itsourcecode Online Hotel 
Management ...)
+       TODO: check
+CVE-2026-13556 (A vulnerability was determined in itsourcecode Online Hotel 
Management ...)
+       TODO: check
+CVE-2026-13555 (A vulnerability was found in itsourcecode Online Hotel 
Management Syst ...)
+       TODO: check
+CVE-2026-13554 (A vulnerability has been found in itsourcecode Online Hotel 
Management ...)
+       TODO: check
+CVE-2026-13553 (A flaw has been found in itsourcecode Online Hotel Management 
System 1 ...)
+       TODO: check
+CVE-2026-13552 (A vulnerability was detected in itsourcecode Online Hotel 
Management S ...)
+       TODO: check
+CVE-2026-13551 (A security vulnerability has been detected in itsourcecode 
Baptism Inf ...)
+       TODO: check
+CVE-2026-13550 (A weakness has been identified in itsourcecode Baptism 
Information Man ...)
+       TODO: check
+CVE-2026-13549 (A security flaw has been discovered in CodeAstro Complaint 
Management  ...)
+       TODO: check
+CVE-2026-13548 (A vulnerability was identified in itsourcecode Hospital 
Management Sys ...)
+       TODO: check
+CVE-2026-13547 (A vulnerability was determined in Hanwang e-Face General 
Management Pl ...)
+       TODO: check
+CVE-2026-13546 (A vulnerability was found in Feehi CMS up to 2.1.1. This 
vulnerability ...)
+       TODO: check
+CVE-2026-13545 (A vulnerability has been found in D-Link DCS-935L 1.10.01. 
This affect ...)
+       TODO: check
+CVE-2026-13437 (Insertion of sensitive information into sent data in the AI 
Agent job  ...)
+       TODO: check
+CVE-2026-13165 (SzafirHost verifies the downloaded native library archive with 
one Jar ...)
+       TODO: check
+CVE-2026-12912 (A flaw was found in libtiff. A remote attacker could exploit 
this vuln ...)
+       TODO: check
+CVE-2026-12856 (A flaw was found in the vscode-java extension, which provides 
Java lan ...)
+       TODO: check
+CVE-2026-12672
+       REJECTED
+CVE-2026-12616 (The /v1/upload/sbom endpoint extracts the iss claim from the 
attacker- ...)
+       TODO: check
+CVE-2026-11979 (libxml2 is vulnerable to multiple stack-based buffer overflows 
in the  ...)
+       TODO: check
+CVE-2026-11720 (A path traversal vulnerability exists in the HTTP tool URL 
builder of  ...)
+       TODO: check
+CVE-2026-54371 (attr before version 2.6.0 contains a symlink traversal 
vulnerability i ...)
        - attr <unfixed>
        [trixie] - attr <no-dsa> (Will be fixed first in unstable, then point 
release update)
        NOTE: https://www.openwall.com/lists/oss-security/2026/06/29/1
-CVE-2026-54370
+CVE-2026-54370 (acl before version 2.4.0 contains a time-of-check to 
time-of-use (TOCT ...)
        - acl <unfixed>
        [trixie] - acl <no-dsa> (Will be fixed first in unstable, then point 
release update)
        NOTE: https://www.openwall.com/lists/oss-security/2026/06/29/1
-CVE-2026-54369
+CVE-2026-54369 (acl before version 2.4.0 contains a symlink traversal 
vulnerability in ...)
        - acl <unfixed>
        [trixie] - acl <no-dsa> (Will be fixed first in unstable, then point 
release update)
        NOTE: https://www.openwall.com/lists/oss-security/2026/06/29/1
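Review bot: every entry added at the top of data/CVE/list lands as "TODO: check", including ones whose descriptions name common base-system software: GNU gzip (CVE-2026-41992, CVE-2026-41991), libxml2 (CVE-2026-11979), libtiff (CVE-2026-12912), libblkid of util-linux (CVE-2026-13595) and p11-kit (CVE-2026-13757). Triage these first and give each a package line, so they do not sit behind the long run of web-application and plugin entries in the same batch.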
@@ -391,7 +653,7 @@ CVE-2026-50767 (A stored cross-site scripting (XSS) 
vulnerability in the item ty
        NOT-FOR-US: Koha Library Management System
 CVE-2026-50766 (A stored cross-site scripting (XSS) vulnerability in the OPAC 
item det ...)
        NOT-FOR-US: Koha Library Management System
-CVE-2026-50765 (Cross-Site Scripting (XSS) vulnerability in the patron 
restriction typ ...)
+CVE-2026-50765 (A stored cross-site scripting (XSS) vulnerability in the 
patron restri ...)
        NOT-FOR-US: Koha Library Management System
 CVE-2026-50137 (Budibase is an open-source low-code platform. Prior to 3.39.0, 
an anon ...)
        NOT-FOR-US: Budibase
@@ -5701,7 +5963,7 @@ CVE-2026-53632 (launch-editor allows users to open files 
with line numbers in ed
        NOT-FOR-US: Node launch-editor
 CVE-2026-53571 (Vite is a frontend tooling framework for JavaScript. Prior to 
8.0.16,  ...)
        - node-vite <itp> (bug #1053782)
-CVE-2026-53550 (js-yaml is a JavaScript YAML parser and dumper. Prior to 
4.2.0, a craf ...)
+CVE-2026-53550 (js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 
and 3.1 ...)
        - node-js-yaml 4.2.0+~4.0.9-1
        NOTE: 
https://github.com/nodeca/js-yaml/security/advisories/GHSA-h67p-54hq-rp68
 CVE-2026-53540 (Python-Multipart is a streaming multipart parser for Python. 
Prior to  ...)
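Review bot: the updated CVE-2026-53550 description now reads "Prior to 4.2.0 and 3.1 ...", which points to a second fixed version on a 3.x line, but the package line still records only "node-js-yaml 4.2.0+~4.0.9-1". If any suite ships a 3.x node-js-yaml it needs its own annotation; check the affected ranges in the GHSA-h67p-54hq-rp68 advisory linked in the NOTE.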
@@ -28568,7 +28830,7 @@ CVE-2026-43491 (In the Linux kernel, the following 
vulnerability has been resolv
        [trixie] - linux 6.12.86-1
        NOTE: 
https://git.kernel.org/linus/d5ee2ff98322337951c56398e79d51815acbf955 (7.1-rc1)
 CVE-2026-8851 (SOGo versions 5.12.7 and prior contains a SQL injection 
vulnerability  ...)
-       {DSA-6366-1}
+       {DSA-6366-1 DLA-4657-1}
        - sogo 5.12.8-1
        [bullseye] - sogo <ignored> (Invasive to patch; Debian maintainer 
recommends against backport)
        NOTE: 
https://github.com/Alinto/sogo/commit/f9b71059f4f382d7b337d16ce1257443ade43d02 
(SOGo-5.12.8)
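Review bot: CVE-2026-8851 gains the DLA-4657-1 reference while the "[bullseye] - sogo <ignored>" line stays unchanged. Confirm which suite DLA-4657-1 covers; if it is bullseye, the <ignored> annotation and its "recommends against backport" reason are stale and should be replaced by the fixed version. The same check applies to the other sogo entries that receive DLA-4657-1 in this commit.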
@@ -28662,7 +28924,8 @@ CVE-2026-24792 (in OpenHarmony v6.0 and prior versions 
allow a remote attacker a
        NOT-FOR-US: OpenHarmony
 CVE-2026-22810 (Joplin is an open source note-taking and to-do application 
that organi ...)
        - joplin <itp> (bug #931306)
-CVE-2026-22069 (A local privilege escalation vulnerability exists in O+ 
Connect becaus ...)
+CVE-2026-22069
+       REJECTED
        NOT-FOR-US: O+ Connect
 CVE-2026-21789 (HCL Connections contains a broken access control vulnerability 
that ma ...)
        NOT-FOR-US: HCL
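Review bot: CVE-2026-22069 is now REJECTED, but the "NOT-FOR-US: O+ Connect" line below it is left in place, so the entry carries two dispositions. The other REJECTED entries in this commit (CVE-2026-57525, CVE-2026-57523, CVE-2026-12672) have no further annotation; drop the NOT-FOR-US line here to match.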
@@ -30546,7 +30809,7 @@ CVE-2026-45793 [Github Actions issued GITHUB_TOKEN 
disclosure in GitHub Actions
        [bookworm] - composer <no-dsa> (Minor issue)
        NOTE: 
https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2
 CVE-2026-8496 (A cross-site scripting (XSS) vulnerability exists in Alinto 
SOGo, vers ...)
-       {DSA-6366-1}
+       {DSA-6366-1 DLA-4657-1}
        - sogo 5.12.8-1
        [bullseye] - sogo <ignored> (Invasive to patch; Debian maintainer 
recommends against backport)
        NOTE: 
https://github.com/Alinto/sogo/commit/67ce01ec2a1a7854d8e9f615dd65afb949043e8 
(SOGo-5.12.8)
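Review bot: the NOTE under CVE-2026-8496 references commit 67ce01ec2a1a7854d8e9f615dd65afb949043e8, which is 39 hex characters, while the other sogo commit references in this diff are 40. Since this entry is being touched for DLA-4657-1 anyway, verify the id against the upstream repository and correct it if a character was lost.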
@@ -30656,12 +30919,12 @@ CVE-2026-4527 (GitLab has remediated an issue in 
GitLab CE/EE affecting all vers
 CVE-2026-4524 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
        - gitlab <not-affected> (Vulnerable code not present)
 CVE-2026-46446 (SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and 
cleartext  ...)
-       {DSA-6366-1}
+       {DSA-6366-1 DLA-4657-1}
        - sogo 5.12.7-1
        [bullseye] - sogo <ignored> (Invasive to patch; Debian maintainer 
recommends against backport)
        NOTE: 
https://github.com/Alinto/sogo/commit/1f7e5d2b2c2047c44a6a9e05f73c36491cb96d21 
(SOGo-5.12.7)
 CVE-2026-46445 (SOGo before 5.12.7, when PostgreSQL is used, allows SQL 
injection.)
-       {DSA-6366-1}
+       {DSA-6366-1 DLA-4657-1}
        - sogo 5.12.7-1
        [bullseye] - sogo <ignored> (Invasive to patch; Debian maintainer 
recommends against backport)
        NOTE: 
https://github.com/Alinto/sogo/commit/1f7e5d2b2c2047c44a6a9e05f73c36491cb96d21 
(SOGo-5.12.7)
@@ -66322,12 +66585,12 @@ CVE-2026-3312
        [bullseye] - pagure <postponed> (Minor issue, infoleak)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443259
 CVE-2025-71276 (SOGo before 5.12.5 is prone to a XSS vulnerability with 
events, tasks, ...)
-       {DSA-6366-1}
+       {DSA-6366-1 DLA-4657-1}
        - sogo 5.12.6-1 (bug #1131605)
        [bullseye] - sogo <ignored> (minor issue; XSS; Debian maintainer 
recommends against backport)
        NOTE: Fixed by: 
https://github.com/Alinto/sogo/commit/e9b3f2a43d7557e8416f6749df4ab4f9128af2d1 
(SOGo-5.12.5)
 CVE-2026-33550 (SOGo before 5.12.5 does not renew the OTP if a user 
disables/enables i ...)
-       {DSA-6366-1}
+       {DSA-6366-1 DLA-4657-1}
        - sogo 5.12.6-1 (bug #1131606)
        [bullseye] - sogo <ignored> (minor issue; invasive to patch; Debian 
maintainer recommends against backport)
        NOTE: Fixed by: 
https://github.com/Alinto/sogo/commit/83d4c522f87cfde0ba543837d9b24c3479083ec2 
(SOGo-5.12.5)
@@ -316395,7 +316658,7 @@ CVE-2024-23322 (Envoy is a high-performance 
edge/middle/service proxy. Envoy wil
        - envoyproxy <itp> (bug #987544)
 CVE-2024-21624 (nonebot2 is a cross-platform Python asynchronous chatbot 
framework wri ...)
        NOT-FOR-US: nonebot2
-CVE-2024-21490 (This affects versions of the package angular from 1.3.0. A 
regular exp ...)
+CVE-2024-21490 (This affects versions of the package angular from 1.3.0; 
versions of t ...)
        {DLA-4242-1}
        - angular.js 1.8.3-2 (bug #1088803)
        [bookworm] - angular.js 1.8.3-1+deb12u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/169c7c1f23a31bf446d4f2217bd1c2ef0b5b66e9


_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
