[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 18 20:12:16 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
69cc5e69 by security tracker role at 2023-12-18T20:12:05+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,97 @@
+CVE-2023-6920
+ REJECTED
+CVE-2023-6911 (Multiple WSO2 products have been identified as vulnerable due to impro ...)
+ TODO: check
+CVE-2023-6817 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...)
+ TODO: check
+CVE-2023-6778 (Cross-site Scripting (XSS) - Stored in GitHub repository allegroai/cle ...)
+ TODO: check
+CVE-2023-6691 (Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code inje ...)
+ TODO: check
+CVE-2023-6295 (The SiteOrigin Widgets Bundle WordPress plugin before 1.51.0 does not ...)
+ TODO: check
+CVE-2023-6289 (The Swift Performance Lite WordPress plugin before 2.3.6.15 does not p ...)
+ TODO: check
+CVE-2023-6272 (The Theme My Login 2FA WordPress plugin before 1.2 does not rate limit ...)
+ TODO: check
+CVE-2023-6222 (IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does ...)
+ TODO: check
+CVE-2023-6203 (The Events Calendar WordPress plugin before 6.2.8.1 discloses the cont ...)
+ TODO: check
+CVE-2023-6077 (The Slider WordPress plugin before 3.5.12 does not ensure that posts t ...)
+ TODO: check
+CVE-2023-6065 (The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn' ...)
+ TODO: check
+CVE-2023-5949 (The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthor ...)
+ TODO: check
+CVE-2023-5886 (The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0 ...)
+ TODO: check
+CVE-2023-5882 (The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0 ...)
+ TODO: check
+CVE-2023-5348 (The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 ...)
+ TODO: check
+CVE-2023-5005 (The Autocomplete Location field Contact Form 7 WordPress plugin before ...)
+ TODO: check
+CVE-2023-51385 (In ssh in OpenSSH before 9.6, OS command injection might occur if a us ...)
+ TODO: check
+CVE-2023-51384 (In ssh-agent in OpenSSH before 9.6, certain destination constraints ca ...)
+ TODO: check
+CVE-2023-50372 (Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita C ...)
+ TODO: check
+CVE-2023-4724 (The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0 ...)
+ TODO: check
+CVE-2023-4311 (The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerab ...)
+ TODO: check
+CVE-2023-49855 (Cross-Site Request Forgery (CSRF) vulnerability in BinaryCarpenter Men ...)
+ TODO: check
+CVE-2023-49854 (Cross-Site Request Forgery (CSRF) vulnerability in Tribe Interactive C ...)
+ TODO: check
+CVE-2023-49853 (Cross-Site Request Forgery (CSRF) vulnerability in PayTR \xd6deme ve E ...)
+ TODO: check
+CVE-2023-49844 (Cross-Site Request Forgery (CSRF) vulnerability in Kevin Ohashi WPPerf ...)
+ TODO: check
+CVE-2023-49843 (Cross-Site Request Forgery (CSRF) vulnerability in QuanticEdge First O ...)
+ TODO: check
+CVE-2023-49840 (Cross-Site Request Forgery (CSRF) vulnerability in Palscode Multi Curr ...)
+ TODO: check
+CVE-2023-48766 (Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator \u2 ...)
+ TODO: check
+CVE-2023-48762 (Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetEleme ...)
+ TODO: check
+CVE-2023-48755 (Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler tea ...)
+ TODO: check
+CVE-2023-47806 (Cross-Site Request Forgery (CSRF) vulnerability in Saint Systems Disab ...)
+ TODO: check
+CVE-2023-47789 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Canada ...)
+ TODO: check
+CVE-2023-47787 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooComm ...)
+ TODO: check
+CVE-2023-47741 (IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser cl ...)
+ TODO: check
+CVE-2023-46617 (Cross-Site Request Forgery (CSRF) vulnerability in AdFoxly AdFoxly \u2 ...)
+ TODO: check
+CVE-2023-46177 (IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to t ...)
+ TODO: check
+CVE-2023-39509 (A command injection vulnerability exists in Bosch IP cameras that allo ...)
+ TODO: check
+CVE-2023-35867 (An improper handling of a malformed API answer packets to API clients ...)
+ TODO: check
+CVE-2023-33214 (Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Tagbox \u201 ...)
+ TODO: check
+CVE-2023-32728 (The Zabbix Agent 2 item key smart.disk.get does not sanitize its param ...)
+ TODO: check
+CVE-2023-32727 (An attacker who has the privilege to configure Zabbix items can use fu ...)
+ TODO: check
+CVE-2023-32726 (The vulnerability is caused by improper check for check if RDLENGTH do ...)
+ TODO: check
+CVE-2023-32725 (The website configured in the URL widget will receive a session cookie ...)
+ TODO: check
+CVE-2023-32230 (An improper handling of a malformed API request to an API server in Bo ...)
+ TODO: check
CVE-2023-46447 [Rogue Session Attack in AsyncSSH]
- python-asyncssh <unfixed>
NOTE: https://terrapin-attack.com/
-CVE-2023-48795 [General Protocol Flaw]
+CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, found in O ...)
- dropbear <unfixed>
- golang-go.crypto <unfixed>
- libssh <unfixed>
@@ -34,7 +124,7 @@ CVE-2023-48795 [General Protocol Flaw]
NOTE: PuTTY: https://git.tartarus.org/?p=simon/putty.git;a=commit;h=b80a41d386dbfa1b095c17bd2ed001477f302d46 (0.80)
NOTE: asyncssh: https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55
NOTE: asyncssh: https://github.com/ronf/asyncssh/commit/0bc73254f41acb140187e0c89606311f88de5b7b (v2.14.2)
-CVE-2023-41314
+CVE-2023-41314 (The api /api/snapshot and /api/get_log_file would allow unauthenticate ...)
NOT-FOR-US: Apache Doris
CVE-2023-6909 (Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prio ...)
NOT-FOR-US: mlflow
@@ -1741,6 +1831,7 @@ CVE-2023-42894 (This issue was addressed with improved redaction of sensitive in
CVE-2023-42891 (An authentication issue was addressed with improved state management. ...)
NOT-FOR-US: Apple
CVE-2023-42890 (The issue was addressed with improved memory handling. This issue is f ...)
+ {DSA-5527-1}
- webkit2gtk 2.42.0-1
[buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.42.0-1
@@ -1752,6 +1843,7 @@ CVE-2023-42886 (An out-of-bounds read was addressed with improved bounds checkin
CVE-2023-42884 (This issue was addressed with improved redaction of sensitive informat ...)
NOT-FOR-US: Apple
CVE-2023-42883 (The issue was addressed with improved memory handling. This issue is f ...)
+ {DSA-5580-1}
- webkit2gtk 2.42.4-1
[buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.42.4-1
@@ -2462,7 +2554,7 @@ CVE-2023-6560 (An out-of-bounds memory access flaw was found in the io_uring SQ/
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/820d070feb668aab5bc9413c285a1dda2a70e076 (6.7-rc4)
-CVE-2023-5384
+CVE-2023-5384 (A flaw was found in Infinispan. When serializing the configuration for ...)
NOT-FOR-US: Infinispan
CVE-2023-6514 (The Bluetooth module of some Huawei Smart Screen products has an ident ...)
NOT-FOR-US: Huawei
@@ -4373,7 +4465,7 @@ CVE-2023-49312 (Precision Bridge PrecisionBridge.exe (aka the thick client) befo
NOT-FOR-US: Precision Bridge
CVE-2023-47039
- perl <not-affected> (Windows specific issue)
-CVE-2023-47038 [Write past buffer end via illegal user-defined Unicode property]
+CVE-2023-47038 (A vulnerability was found in perl. This issue occurs when a crafted re ...)
- perl 5.36.0-10 (bug #1056746)
[bookworm] - perl 5.36.0-7+deb12u1
[bullseye] - perl <no-dsa> (Minor issue; can be fixed via point release)
@@ -4588,7 +4680,7 @@ CVE-2023-6265 (Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directo
NOT-FOR-US: Draytek Vigor2960
CVE-2023-6264 (Information leak in Content-Security-Policy header in Devolutions Serv ...)
NOT-FOR-US: Devolutions Server
-CVE-2023-6263 (An issue was discovered in Network Optix NxCloud before 23.1.0.40440.I ...)
+CVE-2023-6263 (An issue was discovered by IPVM team in Network Optix NxCloud before 2 ...)
NOT-FOR-US: Network Optix NxCloud
CVE-2023-6253 (A saved encryption key in the Uninstaller in Digital Guardian's Agent ...)
NOT-FOR-US: Digital Guardian's Agent
@@ -4869,7 +4961,7 @@ CVE-2023-6238 (A buffer overflow vulnerability was found in the NVM Express (NVM
[buster] - linux <not-affected> (Vulnerable code not present)
CVE-2023-6235 (An uncontrolled search path element vulnerability has been found in th ...)
NOT-FOR-US: Duet Display for Windows
-CVE-2023-6228 [heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c]
+CVE-2023-6228 (An issue was found in the tiffcp utility distributed by the libtiff pa ...)
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/606
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a
@@ -6361,14 +6453,14 @@ CVE-2023-47346 (Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and S
NOT-FOR-US: free5GC
CVE-2023-47117 (Label Studio is an open source data labeling tool. In all current vers ...)
NOT-FOR-US: Label Studio
-CVE-2023-46446 (An issue in AsyncSSH v2.14.0 and earlier allows attackers to control t ...)
+CVE-2023-46446 (An issue in AsyncSSH before 2.14.1 allows attackers to control the rem ...)
- python-asyncssh <unfixed> (bug #1055999)
[bookworm] - python-asyncssh <no-dsa> (Minor issue)
[bullseye] - python-asyncssh <no-dsa> (Minor issue)
[buster] - python-asyncssh <no-dsa> (Minor issue)
NOTE: https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
NOTE: https://terrapin-attack.com/
-CVE-2023-46445 (An issue in AsyncSSH v2.14.0 and earlier allows attackers to control t ...)
+CVE-2023-46445 (An issue in AsyncSSH before 2.14.1 allows attackers to control the ext ...)
- python-asyncssh <unfixed> (bug #1056000)
[bookworm] - python-asyncssh <no-dsa> (Minor issue)
[bullseye] - python-asyncssh <no-dsa> (Minor issue)
@@ -8633,7 +8725,7 @@ CVE-2023-47090 (NATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an a
- nats-server 2.10.3-1
NOTE: https://advisories.nats.io/CVE/secnote-2023-01.txt
NOTE: https://github.com/nats-io/nats-server/security/advisories/GHSA-fr2g-9hjm-wr23
-CVE-2023-5056
+CVE-2023-5056 (A flaw was found in the Skupper operator, which may permit a certain c ...)
NOT-FOR-US: Skupper
CVE-2023-5834 (HashiCorp Vagrant's Windows installer targeted a custom location with ...)
NOT-FOR-US: HashiCorp Vagrant's Windows installer
@@ -13025,7 +13117,7 @@ CVE-2023-36618 (Atos Unify OpenScape Session Border Controller through V10 R3.01
NOT-FOR-US: Atos Unify OpenScape Session Border Controller
CVE-2023-35803 (IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Ove ...)
NOT-FOR-US: IQ Engine
-CVE-2023-3430
+CVE-2023-3430 (A vulnerability was found in OpenImageIO, where a heap buffer overflow ...)
- openimageio 2.4.13.0+dfsg-1
[bookworm] - openimageio <no-dsa> (Minor issue)
[bullseye] - openimageio <no-dsa> (Minor issue)
@@ -14278,7 +14370,7 @@ CVE-2023-40474 [Integer overflow leading to heap overwrite in MXF file handling
NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5362
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/ce17e968e4cf900d28ca5b46f6e095febc42b4f0
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/f73fc41f2ca6a0cd4e883aee64bf8e1c15ff68ce (1.22.6)
-CVE-2023-5236
+CVE-2023-5236 (A flaw was found in Infinispan, which does not detect circular object ...)
NOT-FOR-US: Infinispan
CVE-2023-5223 (A vulnerability, which was classified as critical, has been found in H ...)
NOT-FOR-US: HimitZH HOJ
@@ -14771,7 +14863,7 @@ CVE-2023-5157 (A vulnerability was found in MariaDB. An OpenVAS port scan on por
NOTE: https://jira.mariadb.org/browse/MDEV-25068
NOTE: Introduced by: https://github.com/codership/galera/commit/c27596d06a221f6c14d36759c681149964008749 (26.4.8)
NOTE: Fixed by: https://github.com/codership/galera/commit/930c016108d7086b472ad7a8b9d0f6989202b48a (26.4.12)
-CVE-2023-5115 [malicious role archive can cause ansible-galaxy to overwrite arbitrary files]
+CVE-2023-5115 (An absolute path traversal attack exists in the Ansible automation pla ...)
- ansible-core 2.14.11-1 (bug #1053693)
[bookworm] - ansible-core <no-dsa> (Minor issue)
[bullseye] - ansible-core <no-dsa> (Minor issue)
@@ -15239,9 +15331,9 @@ CVE-2023-31716 (FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file
NOT-FOR-US: FUXA
CVE-2023-5002 (A flaw was found in pgAdmin. This issue occurs when the pgAdmin server ...)
- pgadmin4 <itp> (bug #834129)
-CVE-2023-3629
+CVE-2023-3629 (A flaw was found in Infinispan's REST, Cache retrieval endpoints do no ...)
NOT-FOR-US: Infinispan
-CVE-2023-3628
+CVE-2023-3628 (A flaw was found in Infinispan's REST. Bulk read endpoints do not prop ...)
NOT-FOR-US: Infinispan
CVE-2023-5104 (Improper Input Validation in GitHub repository nocodb/nocodb prior to ...)
NOT-FOR-US: nocodb
@@ -19301,7 +19393,7 @@ CVE-2023-4419 (The LMS5xx uses hard-coded credentials, which potentially allow l
NOT-FOR-US: SICK LMS5xx
CVE-2023-4418 (A remote unprivileged attacker can sent multiple packages to the LMS5x ...)
NOT-FOR-US: SICK LMS5xx
-CVE-2023-4320
+CVE-2023-4320 (An arithmetic overflow flaw was found in Satellite when creating a new ...)
NOT-FOR-US: Red Hat Satellite
CVE-2023-40904 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain ...)
NOT-FOR-US: Tenda
@@ -42934,8 +43026,8 @@ CVE-2023-28055 (Dell NetWorker, Version 19.7 has an improper authorization vulne
NOT-FOR-US: Dell
CVE-2023-28054 (Dell BIOS contains an improper input validation vulnerability. A local ...)
NOT-FOR-US: Dell
-CVE-2023-28053
- RESERVED
+CVE-2023-28053 (Dell NetWorker Virtual Edition versions 19.8 and below contain the use ...)
+ TODO: check
CVE-2023-28052 (Dell BIOS contains an improper input validation vulnerability. A local ...)
NOT-FOR-US: Dell
CVE-2023-28051 (Dell Power Manager, versions 3.10 and prior, contains an Improper Acce ...)
@@ -84109,8 +84201,8 @@ CVE-2022-41678 (Once an user is authenticated on Jolokia, he can potentially tri
- activemq 5.17.6+dfsg-1
NOTE: https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl
NOTE: https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt
-CVE-2022-41677
- RESERVED
+CVE-2022-41677 (An information disclosure vulnerability was discovered in Bosch IP cam ...)
+ TODO: check
CVE-2022-41658 (Insecure inherited permissions in the Intel(R) VTune(TM) Profiler soft ...)
NOT-FOR-US: Intel
CVE-2022-41637
@@ -86683,8 +86775,8 @@ CVE-2022-40671 (Cross-Site Request Forgery (CSRF) vulnerability in Rate my Post
NOT-FOR-US: WordPress plugin
CVE-2022-40632 (Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpFor ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-40312
- RESERVED
+CVE-2022-40312 (Server-Side Request Forgery (SSRF) vulnerability in GiveWP GiveWP \u20 ...)
+ TODO: check
CVE-2022-40310 (Authenticated (subscriber+) Race Condition vulnerability in Rate my Po ...)
NOT-FOR-US: WordPress plugin
CVE-2022-40223 (Nonce token leakage and missing authorization in SearchWP premium plug ...)
@@ -238624,7 +238716,7 @@ CVE-2020-22526
CVE-2020-22525
RESERVED
CVE-2020-22524 (Buffer Overflow vulnerability in FreeImage_Load function in FreeImage ...)
- {DLA-3662-1}
+ {DSA-5579-1 DLA-3662-1}
- freeimage 3.18.0+ds2-10 (bug #1051889)
NOTE: https://sourceforge.net/p/freeimage/bugs/319/
NOTE: Fixed with r1848 from http://svn.code.sf.net/p/freeimage/svn/FreeImage/
@@ -241176,12 +241268,12 @@ CVE-2020-21430
CVE-2020-21429
RESERVED
CVE-2020-21428 (Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in ...)
- {DLA-3662-1}
+ {DSA-5579-1 DLA-3662-1}
- freeimage 3.18.0+ds2-10 (bug #1051738)
NOTE: https://sourceforge.net/p/freeimage/bugs/299/
NOTE: Fixed with r1877 from http://svn.code.sf.net/p/freeimage/svn/FreeImage/
CVE-2020-21427 (Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginB ...)
- {DLA-3662-1}
+ {DSA-5579-1 DLA-3662-1}
- freeimage 3.18.0+ds2-10 (bug #1051737)
NOTE: https://sourceforge.net/p/freeimage/bugs/298/
NOTE: Probably fixed with r1832 and r1836 from http://svn.code.sf.net/p/freeimage/svn/FreeImage/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69cc5e69a7d6d306dbbcc01061e29e17a8055250
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69cc5e69a7d6d306dbbcc01061e29e17a8055250
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231218/849fec71/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list