[Git][security-tracker-team/security-tracker][master] new curl issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Dec 6 08:45:56 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bee6b196 by Moritz Muehlenhoff at 2023-12-06T09:45:31+01:00
new curl issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2023-46218 [curl: cookie mixed case PSL bypass]
+ - curl <unfixed>
+ NOTE: https://github.com/curl/curl/commit/2b0994c29a721c91c57
+ NOTE: https://curl.se/docs/CVE-2023-46218.html
+CVE-2023-46219 [curl: HSTS long file name clears contents]
+ - curl <unfixed>
+ [bullseye] - curl <ignored> (curl is not built with HSTS support)
+ NOTE: https://github.com/curl/curl/commit/73b65e94f3531179de45
+ NOTE: https://curl.se/docs/CVE-2023-46219.html
CVE-2023-6527 (The Email Subscription Popup plugin for WordPress is vulnerable to Ref ...)
NOT-FOR-US: WordPress plugin
CVE-2023-5970 (Improper authentication in the SMA100 SSL-VPN virtual office portal al ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bee6b19626d15d6f6cd98cd77c1361f956189ea4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bee6b19626d15d6f6cd98cd77c1361f956189ea4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231206/dfbc4b79/attachment.htm>
More information about the debian-security-tracker-commits
mailing list