[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 10 20:10:34 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
edf2ad49 by security tracker role at 2023-02-10T20:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-25678
+ RESERVED
+CVE-2023-25677
+ RESERVED
+CVE-2023-0777
+ RESERVED
+CVE-2023-0776
+ RESERVED
+CVE-2023-0775
+ RESERVED
+CVE-2023-0774 (A vulnerability has been found in SourceCodester Medical Certificate G ...)
+ TODO: check
+CVE-2023-0773
+ RESERVED
+CVE-2023-0772
+ RESERVED
CVE-2023-25676
RESERVED
CVE-2023-25675
@@ -164,10 +180,10 @@ CVE-2023-0757
RESERVED
CVE-2022-4904
RESERVED
-CVE-2022-4903
- RESERVED
-CVE-2015-10077
- RESERVED
+CVE-2022-4903 (A vulnerability was found in CodenameOne 7.0.70. It has been classifie ...)
+ TODO: check
+CVE-2015-10077 (A vulnerability was found in webbuilders-group silverstripe-kapost-bri ...)
+ TODO: check
CVE-2023-25612
RESERVED
CVE-2023-25177
@@ -2926,16 +2942,16 @@ CVE-2023-24575
RESERVED
CVE-2023-24574 (Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Unc ...)
NOT-FOR-US: Dell
-CVE-2023-24573
- RESERVED
+CVE-2023-24573 (Dell Command | Monitor versions prior to 10.9 contain an arbitrary fol ...)
+ TODO: check
CVE-2023-24572
RESERVED
CVE-2023-24571
RESERVED
CVE-2023-24570
RESERVED
-CVE-2023-24569
- RESERVED
+CVE-2023-24569 (Dell Alienware Command Center versions 5.5.37.0 and prior contain an I ...)
+ TODO: check
CVE-2023-24568
RESERVED
CVE-2023-24567
@@ -3573,26 +3589,26 @@ CVE-2023-24354
RESERVED
CVE-2023-24353
RESERVED
-CVE-2023-24352
- RESERVED
-CVE-2023-24351
- RESERVED
-CVE-2023-24350
- RESERVED
-CVE-2023-24349
- RESERVED
-CVE-2023-24348
- RESERVED
-CVE-2023-24347
- RESERVED
-CVE-2023-24346
- RESERVED
-CVE-2023-24345
- RESERVED
-CVE-2023-24344
- RESERVED
-CVE-2023-24343
- RESERVED
+CVE-2023-24352 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24351 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24350 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24349 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24348 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24347 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24346 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24345 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24344 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
+CVE-2023-24343 (D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a ...)
+ TODO: check
CVE-2023-24342
RESERVED
CVE-2023-24341
@@ -3809,16 +3825,16 @@ CVE-2023-24236
RESERVED
CVE-2023-24235
RESERVED
-CVE-2023-24234
- RESERVED
-CVE-2023-24233
- RESERVED
-CVE-2023-24232
- RESERVED
-CVE-2023-24231
- RESERVED
-CVE-2023-24230
- RESERVED
+CVE-2023-24234 (A stored cross-site scripting (XSS) vulnerability in the component php ...)
+ TODO: check
+CVE-2023-24233 (A stored cross-site scripting (XSS) vulnerability in the component /ph ...)
+ TODO: check
+CVE-2023-24232 (A stored cross-site scripting (XSS) vulnerability in the component /ph ...)
+ TODO: check
+CVE-2023-24231 (A stored cross-site scripting (XSS) vulnerability in the component /ph ...)
+ TODO: check
+CVE-2023-24230 (A stored cross-site scripting (XSS) vulnerability in the component /fo ...)
+ TODO: check
CVE-2023-24229
RESERVED
CVE-2023-24228
@@ -5270,8 +5286,8 @@ CVE-2023-XXXX [RUSTSEC-2022-0078]
[bullseye] - rust-bumpalo <no-dsa> (Minor issue)
NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0078.html
NOTE: https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md#3111
-CVE-2023-23698
- RESERVED
+CVE-2023-23698 (Dell Command | Update, Dell Update, and Alienware Update versions befo ...)
+ TODO: check
CVE-2023-23697
RESERVED
CVE-2023-23696 (Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain ...)
@@ -6042,7 +6058,7 @@ CVE-2023-23491 (The Quick Event Manager WordPress Plugin, version < 9.7.5, is
NOT-FOR-US: WordPress Plugin
CVE-2023-23490 (The Survey Maker WordPress Plugin, version < 3.1.2, is affected by ...)
NOT-FOR-US: WordPress Plugin
-CVE-2023-23489 (The Easy Digital Downloads WordPress Plugin, version < 3.1.0.4, is ...)
+CVE-2023-23489 (The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3. ...)
NOT-FOR-US: WordPress Plugin
CVE-2023-23488 (The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affe ...)
NOT-FOR-US: WordPress Plugin
@@ -7993,8 +8009,8 @@ CVE-2023-22834
RESERVED
CVE-2023-22833
RESERVED
-CVE-2023-22832
- RESERVED
+CVE-2023-22832 (The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19. ...)
+ TODO: check
CVE-2023-22831
RESERVED
CVE-2023-22830
@@ -11385,7 +11401,7 @@ CVE-2022-47656 (GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Ov
NOTE: https://github.com/gpac/gpac/issues/2353
NOTE: https://github.com/gpac/gpac/commit/c9a8118965b53d29837b1b82b6a58543efb23baf (v2.2.0)
CVE-2022-47655 (Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_q ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1
NOTE: https://github.com/strukturag/libde265/issues/367
NOTE: https://github.com/strukturag/libde265/pull/376
@@ -15712,10 +15728,10 @@ CVE-2022-46663 (In GNU Less before 609, crafted data can result in "less -R" not
NOTE: Fixed by: https://github.com/gwsw/less/commit/a78e1351113cef564d790a730d657a321624d79c
CVE-2022-46651
RESERVED
-CVE-2022-46650
- RESERVED
-CVE-2022-46649
- RESERVED
+CVE-2022-46650 (Acemanager in ALEOS before version 4.16 allows a user with valid crede ...)
+ TODO: check
+CVE-2022-46649 (Acemanager in ALEOS before version 4.16 allows a user with valid crede ...)
+ TODO: check
CVE-2022-46647
RESERVED
CVE-2022-46646
@@ -18326,8 +18342,8 @@ CVE-2022-45768 (Command Injection vulnerability in Edimax Technology Co., Ltd. W
NOT-FOR-US: Edimax
CVE-2022-45767
RESERVED
-CVE-2022-45766
- RESERVED
+CVE-2022-45766 (Hardcoded credentials in Global Facilities Management Software (GFMS) ...)
+ TODO: check
CVE-2022-45765
RESERVED
CVE-2022-45764
@@ -28136,26 +28152,26 @@ CVE-2022-43254 (GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain
NOTE: https://github.com/gpac/gpac/commit/4520e38aa030f059264c69b426bd8133206fbfe6
NOTE: Negligible security impact
CVE-2022-43253 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1025816)
NOTE: https://github.com/strukturag/libde265/issues/348
CVE-2022-43252 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/347
CVE-2022-43251
RESERVED
CVE-2022-43250 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/346
CVE-2022-43249 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.11-1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/345
NOTE: https://github.com/strukturag/libde265/pull/373
CVE-2022-43248 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1025816)
NOTE: https://github.com/strukturag/libde265/issues/349
CVE-2022-43247
@@ -28163,48 +28179,48 @@ CVE-2022-43247
CVE-2022-43246
RESERVED
CVE-2022-43245 (Libde265 v1.0.8 was discovered to contain a segmentation violation via ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.11-1 (bug #1029357)
NOTE: https://github.com/strukturag/libde265/issues/352
NOTE: https://github.com/strukturag/libde265/commit/ad291690a8c92218b9e86738edd45ed64736b246 (v1.0.10)
CVE-2022-43244 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/342
CVE-2022-43243 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1025816)
NOTE: https://github.com/strukturag/libde265/issues/339
CVE-2022-43242 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/340
CVE-2022-43241 (Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/338
CVE-2022-43240 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/335
CVE-2022-43239 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/341
CVE-2022-43238 (Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/338
CVE-2022-43237 (Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/344
CVE-2022-43236 (Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/343
CVE-2022-43235 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/337
CVE-2022-43234 (An arbitrary file upload vulnerability in the /attachments component o ...)
@@ -31959,6 +31975,7 @@ CVE-2022-41863
RESERVED
CVE-2022-41862
RESERVED
+ {DLA-3316-1}
- postgresql-15 15.2-1
- postgresql-13 <removed>
[bullseye] - postgresql-13 <no-dsa> (Minor issue)
@@ -52134,12 +52151,12 @@ CVE-2022-34456 (Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Inj
NOT-FOR-US: EMC
CVE-2022-34455
RESERVED
-CVE-2022-34454
- RESERVED
+CVE-2022-34454 (Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buff ...)
+ TODO: check
CVE-2022-34453
RESERVED
-CVE-2022-34452
- RESERVED
+CVE-2022-34452 (PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* ...)
+ TODO: check
CVE-2022-34451
RESERVED
CVE-2022-34450
@@ -68466,6 +68483,7 @@ CVE-2022-1255 (The Import and export users and customers WordPress plugin before
CVE-2022-1254 (A URL redirection vulnerability in Skyhigh SWG in main releases 10.x p ...)
NOT-FOR-US: Skyhigh SWG
CVE-2022-1253 (Heap-based Buffer Overflow in GitHub repository strukturag/libde265 pr ...)
+ {DSA-5346-1}
- libde265 1.0.8-1.1 (bug #1014977)
[buster] - libde265 <not-affected> (Vulnerable code introduced later)
[stretch] - libde265 <not-affected> (Vulnerable code introduced later)
@@ -80983,8 +81001,8 @@ CVE-2022-24412 (Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper ha
NOT-FOR-US: EMC
CVE-2022-24411 (Dell PowerScale OneFS 8.2.2 and above contain an elevation of privileg ...)
NOT-FOR-US: Dell PowerScale OneFS
-CVE-2022-24410
- RESERVED
+CVE-2022-24410 (Dell BIOS contains an information exposure vulnerability. An unauthent ...)
+ TODO: check
CVE-2022-24409 (Dell BSAFE SSL-J contains remediation for a covert timing channel vuln ...)
NOT-FOR-US: Dell
CVE-2022-24380
@@ -119495,13 +119513,13 @@ CVE-2021-36412 (A heap-based buffer overflow vulnerability exists in MP4Box in G
NOTE: https://github.com/gpac/gpac/issues/1838
NOTE: https://github.com/gpac/gpac/commit/828188475084db87cebc34208b6bd2509709845e (v2.0.0)
CVE-2021-36411 (An issue has been found in libde265 v1.0.8 due to incorrect access con ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.8-1.1 (bug #1014977)
[stretch] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/302
NOTE: https://github.com/strukturag/libde265/commit/45904e5667c5bf59c67fcdc586dfba110832894c
CVE-2021-36410 (A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion. ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.8-1.1 (bug #1014977)
[stretch] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/301
@@ -119509,13 +119527,13 @@ CVE-2021-36410 (A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-m
CVE-2021-3641 (Improper Link Resolution Before File Access ('Link Following') vulnera ...)
NOT-FOR-US: Bitdefender
CVE-2021-36409 (There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.8-1.1 (bug #1014977)
[stretch] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/300
NOTE: https://github.com/strukturag/libde265/commit/64d591a6c70737604ca3f5791736fc462cbe8a3c
CVE-2021-36408 (An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-f ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.8-1.1 (bug #1014977)
[stretch] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/299
@@ -121953,7 +121971,7 @@ CVE-2021-35454
CVE-2021-35453
RESERVED
CVE-2021-35452 (An Incorrect Access Control vulnerability exists in libde265 v1.0.8 du ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.8-1.1 (bug #1014977)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/298
@@ -187958,68 +187976,69 @@ CVE-2020-21608
CVE-2020-21607
RESERVED
CVE-2020-21606 (libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_ ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/232
CVE-2020-21605 (libde265 v1.0.4 contains a segmentation fault in the apply_sao_interna ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/234
CVE-2020-21604 (libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/231
CVE-2020-21603 (libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fa ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/240
CVE-2020-21602 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bi ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1004963)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/242
CVE-2020-21601 (libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallb ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/241
CVE-2020-21600 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pr ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1004963)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/243
CVE-2020-21599 (libde265 v1.0.4 contains a heap buffer overflow in the de265_image::av ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/235
NOTE: https://github.com/strukturag/libde265/commit/a3f1c6a0dea2b0d4a531255ad06ed40cdb184d25 (v1.0.9)
CVE-2020-21598 (libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unw ...)
- {DLA-3280-1 DLA-3240-1}
+ {DSA-5346-1 DLA-3280-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1004963)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/237
CVE-2020-21597 (libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma funct ...)
- {DLA-3280-1 DLA-3240-1}
+ {DSA-5346-1 DLA-3280-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/238
CVE-2020-21596 (libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_ ...)
- {DLA-3280-1}
+ {DSA-5346-1 DLA-3280-1}
- libde265 1.0.11-1 (bug #1029397)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/236
NOTE: https://github.com/strukturag/libde265/commit/6751f4e3c8c7af63d0036fedd506b7932630773c (v1.0.10)
CVE-2020-21595 (libde265 v1.0.4 contains a heap buffer overflow in the mc_luma functio ...)
- {DLA-3240-1}
+ {DSA-5346-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/239
CVE-2020-21594 (libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fal ...)
+ {DSA-5346-1}
- libde265 1.0.3-1 (bug #1029396)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/233
@@ -331415,8 +331434,8 @@ CVE-2018-7937 (In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5
NOT-FOR-US: Huawei
CVE-2018-7936 (Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0 ...)
NOT-FOR-US: Huawei
-CVE-2018-7935
- RESERVED
+CVE-2018-7935 (There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322 ...)
+ TODO: check
CVE-2018-7934 (Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C4 ...)
NOT-FOR-US: Huawei
CVE-2018-7933 (Huawei home gateway products HiRouter-CD20 and WS5200 with the version ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edf2ad4983bf461f8db3fd4cb06dbc9cf773da92
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edf2ad4983bf461f8db3fd4cb06dbc9cf773da92
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230210/73d3b572/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list