[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jan 16 19:38:43 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac7419ed by Moritz Mühlenhoff at 2023-01-16T20:36:38+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -66,7 +66,7 @@ CVE-2023-23592
 CVE-2023-23591
 	RESERVED
 CVE-2023-0302 (Failure to Sanitize Special Elements into a Different Plane (Special E ...)
-	- radare2 <unfixed>
+	- radare2 <unfixed> (bug #1029037)
 	NOTE: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
 	NOTE: https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce
 CVE-2023-0301 (Cross-site Scripting (XSS) - Stored in GitHub repository alfio-event/a ...)
@@ -1921,7 +1921,7 @@ CVE-2023-22901
 CVE-2023-22900
 	RESERVED
 CVE-2023-22899 (Zip4j through 2.11.2, as used in Threema and other products, does not  ...)
-	- zip4j <unfixed>
+	- zip4j <unfixed> (bug #1029038)
 	NOTE: https://github.com/srikanth-lingala/zip4j/issues/485
 	NOTE: https://github.com/srikanth-lingala/zip4j/commit/597b31afb473a40e8252de5b5def1876bab198d3
 CVE-2023-22898 (workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 a ...)
@@ -3089,7 +3089,7 @@ CVE-2014-125039 (A vulnerability, which was classified as problematic, has been
 CVE-2010-10003 (A vulnerability classified as critical was found in gesellix titlelink ...)
 	NOT-FOR-US: gesellix titlelink
 CVE-2023-22602 (When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+,  ...)
-	- shiro <unfixed>
+	- shiro <unfixed> (bug #1029039)
 	NOTE: https://lists.apache.org/thread/dzj0k2smpzzgj6g666hrbrgsrlf9yhkl
 CVE-2023-22601 (InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRo ...)
 	NOT-FOR-US: InHand Networks InRouter



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac7419ed4bb4787d999926f560c38157f839cde2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac7419ed4bb4787d999926f560c38157f839cde2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230116/5060bebb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list