[Git][security-tracker-team/security-tracker][master] Add new glpi issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 14 21:16:48 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
59b6fd13 by Salvatore Bonaccorso at 2023-12-14T22:16:26+01:00
Add new glpi issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -581,9 +581,13 @@ CVE-2023-47062 (Adobe Dimension versions 3.4.10 and earlier are affected by an o
 CVE-2023-47061 (Adobe Dimension versions 3.4.10 and earlier are affected by an out-of- ...)
 	NOT-FOR-US: Adobe
 CVE-2023-46727 (GLPI is a free asset and IT management software package. Starting in v ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-v799-2mp3-wgfr
+	NOTE: https://github.com/glpi-project/glpi/commit/ee2d674481ebef177037e8e14d35c9455b5cfd46
 CVE-2023-46726 (GLPI is a free asset and IT management software package. Starting in v ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-qc92-gxc6-5f95
+	NOTE: https://github.com/glpi-project/glpi/commit/42ba2b031bec0b3889317db25f3adf9080fc11b2
 CVE-2023-46247 (Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual M ...)
 	NOT-FOR-US: Vyper
 CVE-2023-44362 (Adobe Prelude versions 22.6 and earlier are affected by an Access of U ...)
@@ -593,7 +597,9 @@ CVE-2023-44252 (** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulner
 CVE-2023-44251 (** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to  ...)
 	NOT-FOR-US: FortiGuard
 CVE-2023-43813 (GLPI is a free asset and IT management software package. Starting in v ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-94c3-fw5r-3362
+	NOTE: https://github.com/glpi-project/glpi/commit/4bd7f02d940953b9cbc9d285f7544bb0e490e75e
 CVE-2023-42495 (Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutraliz ...)
 	NOT-FOR-US: Dasan Networks W-Web
 CVE-2023-34194 (StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59b6fd13ee31b6e9fd31c6995f6b6d3a3b54ca19

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59b6fd13ee31b6e9fd31c6995f6b6d3a3b54ca19
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231214/bb2b663e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list