[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Aug 23 13:39:01 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6768eaac by Moritz Muehlenhoff at 2023-08-23T14:38:29+02:00
bullseye/bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59,16 +59,19 @@ CVE-2023-38906 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo
CVE-2023-38732 (IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allo ...)
NOT-FOR-US: IBM
CVE-2023-38668 (Stack-based buffer over-read in disasm in nasm 2.16 allows attackers t ...)
- - nasm <unfixed>
+ - nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392811
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-38667 (Stack-based buffer over-read in function disasm in nasm 2.16 allows at ...)
- - nasm <unfixed>
+ - nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392812
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-38666 (Bento4 v1.6.0-639 was discovered to contain a segmentation violation v ...)
NOT-FOR-US: Bento4
CVE-2023-38665 (Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows att ...)
- - nasm <unfixed>
+ - nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392818
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-37440 (A vulnerability in the web-based management interfaceof EdgeConnect SD ...)
NOT-FOR-US: Aruba
CVE-2023-37439 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
@@ -219,6 +222,7 @@ CVE-2023-38976 (An issue in weaviate v.1.20.0 allows a remote attacker to cause
NOT-FOR-US: weaviate
CVE-2023-38961 (Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0 ...)
- iotjs <removed>
+ [bullseye] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5092
CVE-2023-38899 (SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local ...)
NOT-FOR-US: berkaygediz O_Blog
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6768eaac994a336a215479bc645a202cbee8f4ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6768eaac994a336a215479bc645a202cbee8f4ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230823/e3aabdb0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list