[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 17 09:04:26 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
783145e4 by Moritz Muehlenhoff at 2023-08-17T10:04:02+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22,7 +22,7 @@ CVE-2023-4382 (A vulnerability, which was classified as problematic, has been fo
CVE-2023-4381 (Unverified Password Change in GitHub repository instantsoft/icms2 prio ...)
NOT-FOR-US: icms2
CVE-2023-4241 (lol-html can cause panics on certain HTML inputs. Anyone processing ar ...)
- TODO: check
+ NOT-FOR-US: lol-html
CVE-2023-4204 (NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected ...)
NOT-FOR-US: NPort IAW5000A-I/O Series firmware
CVE-2023-39975 (kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a ...)
@@ -310,7 +310,7 @@ CVE-2023-38851 (Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote a
NOTE: https://github.com/libxls/libxls/issues/124 (#2)
NOTE: Negligible security impact
CVE-2023-38850 (Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an ...)
- TODO: check
+ NOT-FOR-US: Codedoc
CVE-2023-38840 (An issue in Bitwarden Bitwarden Desktop v.2023.5.1 allows a local atta ...)
NOT-FOR-US: Bitwarden
CVE-2023-38402 (A vulnerability in the HPE Aruba Networking Virtual IntranetAccess (VI ...)
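Review bot: The label on CVE-2023-38850 is capitalised as "Codedoc", while the description on the same entry spells the product "codedoc" (Michaelrsweet codedoc v.3.7). Use the upstream spelling, "NOT-FOR-US: codedoc", so a case-sensitive search of data/CVE/list for the product name finds this entry.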
@@ -328,9 +328,9 @@ CVE-2023-4308 (The User Submitted Posts plugin for WordPress is vulnerable to St
CVE-2023-40518 (LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP ...)
NOT-FOR-US: LiteSpeed OpenLiteSpeed
CVE-2023-40453 (Docker Machine through 0.16.2 allows an attacker, who has control of a ...)
- TODO: check
+ NOT-FOR-US: Docker Machine
CVE-2023-40013 (SVG Loader is a javascript library that fetches SVGs using XMLHttpRequ ...)
- TODO: check
+ NOT-FOR-US: SVG Loader
CVE-2023-39829 (Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via ...)
NOT-FOR-US: Tenda
CVE-2023-39828 (Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via ...)
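Review bot: The label on CVE-2023-40013, "NOT-FOR-US: SVG Loader", is a generic name that does not identify which upstream project was checked; the description only says it is a javascript library. Use the upstream project or package name from the CVE references as the label, so that anyone re-triaging later can tell which code base was ruled out. The Docker Machine label on CVE-2023-40453 is specific enough as it stands.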
@@ -342,7 +342,7 @@ CVE-2023-38687 (Svelecte is a flexible autocomplete/select component written in
CVE-2023-35689 (In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a ...)
NOT-FOR-US: Android
CVE-2023-32358 (A type confusion issue was addressed with improved checks. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-4322 (Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...)
- radare2 <unfixed>
NOTE: https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd
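Review bot: "NOT-FOR-US: Apple" on CVE-2023-32358 names a vendor rather than a product, and the truncated description shown here ("A type confusion issue was addressed with improved checks") names no component at all. Before the "TODO: check" is closed, confirm from the vendor advisory which component is affected and put that component in the label, or add a NOTE line with the advisory URL, so the not-for-us decision can be verified from the entry itself.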
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/783145e49ed4434d5bf2ea9b8c324339b537363b