[Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-49355
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 11 16:10:51 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9394694a by Salvatore Bonaccorso at 2023-12-11T17:09:53+01:00
Add initial tracking for CVE-2023-49355
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,8 @@ CVE-2023-50463 (The caddy-geo-ip (aka GeoIP) middleware through 0.6.0 for Caddy
CVE-2023-49964 (An issue was discovered in Hyland Alfresco Community Edition through 7 ...)
NOT-FOR-US: Hyland Alfresco Community Edition
CVE-2023-49355 (decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out- ...)
- TODO: check
+ - jq <undetermined>
+ NOTE: https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md
CVE-2023-48425 (U-Boot vulnerability resulting in persistent Code Execution)
TODO: check
CVE-2023-48424 (U-Boot shell vulnerability resulting in Privilege escalation in a prod ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9394694a4c1caa2dafc3b468cd5a35d39721fb51
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9394694a4c1caa2dafc3b468cd5a35d39721fb51
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231211/04fbfdff/attachment.htm>
More information about the debian-security-tracker-commits
mailing list