[Git][security-tracker-team/security-tracker][master] Add new git issues: CVE-2023-25652, CVE-2023-25815 and CVE-2023-29007

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 25 19:27:41 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
121e2d5c by Salvatore Bonaccorso at 2023-04-25T20:27:02+02:00
Add new git issues: CVE-2023-25652, CVE-2023-25815 and CVE-2023-29007

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6018,6 +6018,8 @@ CVE-2023-29008 (The SvelteKit framework offers developers an option to create si
 	NOT-FOR-US: SvelteKit
 CVE-2023-29007
 	RESERVED
+	- git <unfixed>
+	NOTE: https://lore.kernel.org/lkml/xmqqa5yv3n93.fsf@gitster.g/
 CVE-2023-29006 (The Order GLPI plugin allows users to manage order management within G ...)
 	NOT-FOR-US: GLPI plugin
 CVE-2023-29005 (Flask-AppBuilder versions before 4.3.0 lack rate limiting which can al ...)
@@ -15509,6 +15511,8 @@ CVE-2023-25816 (Nextcloud is an Open Source private cloud software. Versions 25.
 	- nextcloud-server <itp> (bug #941708)
 CVE-2023-25815
 	RESERVED
+	- git <unfixed>
+	NOTE: https://lore.kernel.org/lkml/xmqqa5yv3n93.fsf@gitster.g/
 CVE-2023-25814 (metersphere is an open source continuous testing platform. In versions ...)
 	NOT-FOR-US: metersphere
 CVE-2023-25813 (Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL inj ...)
@@ -16244,6 +16248,8 @@ CVE-2023-25653 (node-jose is a JavaScript implementation of the JSON Object Sign
 	NOTE: https://github.com/cisco/node-jose/security/advisories/GHSA-5h4j-qrvg-9xhw
 CVE-2023-25652
 	RESERVED
+	- git <unfixed>
+	NOTE: https://lore.kernel.org/lkml/xmqqa5yv3n93.fsf@gitster.g/
 CVE-2023-25651
 	RESERVED
 CVE-2023-25650



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/121e2d5c8c23015e0eb93c353c4b017ac4715c65

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/121e2d5c8c23015e0eb93c353c4b017ac4715c65
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230425/51f78dae/attachment.htm>

More information about the debian-security-tracker-commits mailing list