[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 30 08:10:26 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75ee869b by security tracker role at 2023-01-30T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,407 @@
+CVE-2023-24803
+	RESERVED
+CVE-2023-24802
+	RESERVED
+CVE-2023-24801
+	RESERVED
+CVE-2023-24800
+	RESERVED
+CVE-2023-24799
+	RESERVED
+CVE-2023-24798
+	RESERVED
+CVE-2023-24797
+	RESERVED
+CVE-2023-24796
+	RESERVED
+CVE-2023-24795
+	RESERVED
+CVE-2023-24794
+	RESERVED
+CVE-2023-24793
+	RESERVED
+CVE-2023-24792
+	RESERVED
+CVE-2023-24791
+	RESERVED
+CVE-2023-24790
+	RESERVED
+CVE-2023-24789
+	RESERVED
+CVE-2023-24788
+	RESERVED
+CVE-2023-24787
+	RESERVED
+CVE-2023-24786
+	RESERVED
+CVE-2023-24785
+	RESERVED
+CVE-2023-24784
+	RESERVED
+CVE-2023-24783
+	RESERVED
+CVE-2023-24782
+	RESERVED
+CVE-2023-24781
+	RESERVED
+CVE-2023-24780
+	RESERVED
+CVE-2023-24779
+	RESERVED
+CVE-2023-24778
+	RESERVED
+CVE-2023-24777
+	RESERVED
+CVE-2023-24776
+	RESERVED
+CVE-2023-24775
+	RESERVED
+CVE-2023-24774
+	RESERVED
+CVE-2023-24773
+	RESERVED
+CVE-2023-24772
+	RESERVED
+CVE-2023-24771
+	RESERVED
+CVE-2023-24770
+	RESERVED
+CVE-2023-24769
+	RESERVED
+CVE-2023-24768
+	RESERVED
+CVE-2023-24767
+	RESERVED
+CVE-2023-24766
+	RESERVED
+CVE-2023-24765
+	RESERVED
+CVE-2023-24764
+	RESERVED
+CVE-2023-24763
+	RESERVED
+CVE-2023-24762
+	RESERVED
+CVE-2023-24761
+	RESERVED
+CVE-2023-24760
+	RESERVED
+CVE-2023-24759
+	RESERVED
+CVE-2023-24758
+	RESERVED
+CVE-2023-24757
+	RESERVED
+CVE-2023-24756
+	RESERVED
+CVE-2023-24755
+	RESERVED
+CVE-2023-24754
+	RESERVED
+CVE-2023-24753
+	RESERVED
+CVE-2023-24752
+	RESERVED
+CVE-2023-24751
+	RESERVED
+CVE-2023-24750
+	RESERVED
+CVE-2023-24749
+	RESERVED
+CVE-2023-24748
+	RESERVED
+CVE-2023-24747
+	RESERVED
+CVE-2023-24746
+	RESERVED
+CVE-2023-24745
+	RESERVED
+CVE-2023-24744
+	RESERVED
+CVE-2023-24743
+	RESERVED
+CVE-2023-24742
+	RESERVED
+CVE-2023-24741
+	RESERVED
+CVE-2023-24740
+	RESERVED
+CVE-2023-24739
+	RESERVED
+CVE-2023-24738
+	RESERVED
+CVE-2023-24737
+	RESERVED
+CVE-2023-24736
+	RESERVED
+CVE-2023-24735
+	RESERVED
+CVE-2023-24734
+	RESERVED
+CVE-2023-24733
+	RESERVED
+CVE-2023-24732
+	RESERVED
+CVE-2023-24731
+	RESERVED
+CVE-2023-24730
+	RESERVED
+CVE-2023-24729
+	RESERVED
+CVE-2023-24728
+	RESERVED
+CVE-2023-24727
+	RESERVED
+CVE-2023-24726
+	RESERVED
+CVE-2023-24725
+	RESERVED
+CVE-2023-24724
+	RESERVED
+CVE-2023-24723
+	RESERVED
+CVE-2023-24722
+	RESERVED
+CVE-2023-24721
+	RESERVED
+CVE-2023-24720
+	RESERVED
+CVE-2023-24719
+	RESERVED
+CVE-2023-24718
+	RESERVED
+CVE-2023-24717
+	RESERVED
+CVE-2023-24716
+	RESERVED
+CVE-2023-24715
+	RESERVED
+CVE-2023-24714
+	RESERVED
+CVE-2023-24713
+	RESERVED
+CVE-2023-24712
+	RESERVED
+CVE-2023-24711
+	RESERVED
+CVE-2023-24710
+	RESERVED
+CVE-2023-24709
+	RESERVED
+CVE-2023-24708
+	RESERVED
+CVE-2023-24707
+	RESERVED
+CVE-2023-24706
+	RESERVED
+CVE-2023-24705
+	RESERVED
+CVE-2023-24704
+	RESERVED
+CVE-2023-24703
+	RESERVED
+CVE-2023-24702
+	RESERVED
+CVE-2023-24701
+	RESERVED
+CVE-2023-24700
+	RESERVED
+CVE-2023-24699
+	RESERVED
+CVE-2023-24698
+	RESERVED
+CVE-2023-24697
+	RESERVED
+CVE-2023-24696
+	RESERVED
+CVE-2023-24695
+	RESERVED
+CVE-2023-24694
+	RESERVED
+CVE-2023-24693
+	RESERVED
+CVE-2023-24692
+	RESERVED
+CVE-2023-24691
+	RESERVED
+CVE-2023-24690
+	RESERVED
+CVE-2023-24689
+	RESERVED
+CVE-2023-24688
+	RESERVED
+CVE-2023-24687
+	RESERVED
+CVE-2023-24686
+	RESERVED
+CVE-2023-24685
+	RESERVED
+CVE-2023-24684
+	RESERVED
+CVE-2023-24683
+	RESERVED
+CVE-2023-24682
+	RESERVED
+CVE-2023-24681
+	RESERVED
+CVE-2023-24680
+	RESERVED
+CVE-2023-24679
+	RESERVED
+CVE-2023-24678
+	RESERVED
+CVE-2023-24677
+	RESERVED
+CVE-2023-24676
+	RESERVED
+CVE-2023-24675
+	RESERVED
+CVE-2023-24674
+	RESERVED
+CVE-2023-24673
+	RESERVED
+CVE-2023-24672
+	RESERVED
+CVE-2023-24671
+	RESERVED
+CVE-2023-24670
+	RESERVED
+CVE-2023-24669
+	RESERVED
+CVE-2023-24668
+	RESERVED
+CVE-2023-24667
+	RESERVED
+CVE-2023-24666
+	RESERVED
+CVE-2023-24665
+	RESERVED
+CVE-2023-24664
+	RESERVED
+CVE-2023-24663
+	RESERVED
+CVE-2023-24662
+	RESERVED
+CVE-2023-24661
+	RESERVED
+CVE-2023-24660
+	RESERVED
+CVE-2023-24659
+	RESERVED
+CVE-2023-24658
+	RESERVED
+CVE-2023-24657
+	RESERVED
+CVE-2023-24656
+	RESERVED
+CVE-2023-24655
+	RESERVED
+CVE-2023-24654
+	RESERVED
+CVE-2023-24653
+	RESERVED
+CVE-2023-24652
+	RESERVED
+CVE-2023-24651
+	RESERVED
+CVE-2023-24650
+	RESERVED
+CVE-2023-24649
+	RESERVED
+CVE-2023-24648
+	RESERVED
+CVE-2023-24647
+	RESERVED
+CVE-2023-24646
+	RESERVED
+CVE-2023-24645
+	RESERVED
+CVE-2023-24644
+	RESERVED
+CVE-2023-24643
+	RESERVED
+CVE-2023-24642
+	RESERVED
+CVE-2023-24641
+	RESERVED
+CVE-2023-24640
+	RESERVED
+CVE-2023-24639
+	RESERVED
+CVE-2023-24638
+	RESERVED
+CVE-2023-24637
+	RESERVED
+CVE-2023-24636
+	RESERVED
+CVE-2023-24635
+	RESERVED
+CVE-2023-24634
+	RESERVED
+CVE-2023-24633
+	RESERVED
+CVE-2023-24632
+	RESERVED
+CVE-2023-24631
+	RESERVED
+CVE-2023-24630
+	RESERVED
+CVE-2023-24629
+	RESERVED
+CVE-2023-24628
+	RESERVED
+CVE-2023-24627
+	RESERVED
+CVE-2023-24626
+	RESERVED
+CVE-2023-24625
+	RESERVED
+CVE-2023-24624
+	RESERVED
+CVE-2023-24623 (Paranoidhttp before 0.3.0 allows SSRF because [::] is equivalent to th ...)
+	TODO: check
+CVE-2023-24622 (isInList in the safeurl-python package before 1.2 for Python has an in ...)
+	TODO: check
+CVE-2023-24621
+	RESERVED
+CVE-2023-24620
+	RESERVED
+CVE-2023-24619
+	RESERVED
+CVE-2023-24618
+	RESERVED
+CVE-2023-24617
+	RESERVED
+CVE-2023-24616
+	RESERVED
+CVE-2023-24615
+	RESERVED
+CVE-2023-24614
+	RESERVED
+CVE-2023-24613
+	RESERVED
+CVE-2023-24612 (The PdfBook extension through 2.0.5 before b07b6a64 for MediaWiki allo ...)
+	TODO: check
+CVE-2023-24611
+	RESERVED
+CVE-2023-24610
+	RESERVED
+CVE-2023-24609
+	RESERVED
+CVE-2023-24608
+	RESERVED
+CVE-2023-0573
+	RESERVED
+CVE-2023-0572 (Unchecked Error Condition in GitHub repository froxlor/froxlor prior t ...)
+	TODO: check
+CVE-2022-4898
+	RESERVED
+CVE-2022-48304
+	RESERVED
+CVE-2022-48303 (GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ...)
+	TODO: check
+CVE-2021-46873 (WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account  ...)
+	TODO: check
 CVE-2023-0571 (A vulnerability has been found in SourceCodester Canteen Management Sy ...)
 	NOT-FOR-US: SourceCodester Canteen Management System
 CVE-2023-0570 (A vulnerability, which was classified as critical, was found in Source ...)
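Review bot: the six described entries in this added block (CVE-2023-24623, CVE-2023-24622, CVE-2023-24612, CVE-2023-0572, CVE-2022-48303, CVE-2021-46873) are all left at "TODO: check", and their descriptions are cut at the ellipsis. From the list alone it is not possible to tell, for example, whether the WireGuard entry ("such as WireGuard 0.5.3 on Windows") is limited to Windows. Triage each against the full CVE text and replace "TODO: check" with either a package line or a NOT-FOR-US line naming the product, as the unchanged CVE-2023-0571 entry below the block does.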
@@ -64,10 +468,10 @@ CVE-2023-24598
 	RESERVED
 CVE-2023-24597
 	RESERVED
-CVE-2023-0566
-	RESERVED
-CVE-2023-0565
-	RESERVED
+CVE-2023-0566 (Static Code Injection in GitHub repository froxlor/froxlor prior to 2. ...)
+	TODO: check
+CVE-2023-0565 (Business Logic Errors in GitHub repository froxlor/froxlor prior to 2. ...)
+	TODO: check
 CVE-2023-0564 (Weak Password Requirements in GitHub repository froxlor/froxlor prior  ...)
 	- froxlor <itp> (bug #581792)
 CVE-2023-0563 (A vulnerability classified as problematic has been found in PHPGurukul ...)
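Review bot: CVE-2023-0566 and CVE-2023-0565 go from RESERVED to "TODO: check" although both descriptions name froxlor/froxlor, and the unchanged CVE-2023-0564 entry directly below already tracks that project as "- froxlor <itp> (bug #581792)". Suggest giving the two new entries the same package line rather than leaving them for a separate triage pass.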
@@ -1445,8 +1849,8 @@ CVE-2023-24067
 	RESERVED
 CVE-2023-24066
 	RESERVED
-CVE-2023-24065
-	RESERVED
+CVE-2023-24065 (NOSH 4a5cfdb allows stored XSS via the create user page. For example,  ...)
+	TODO: check
 CVE-2023-24064
 	RESERVED
 CVE-2023-24063
@@ -5484,6 +5888,7 @@ CVE-2023-22742 (libgit2 is a cross-platform, linkable library implementation of
 	NOTE: https://github.com/libgit2/libgit2/commit/42e5db98b963ae503229c63e44e06e439df50e56 (v1.5.1)
 	NOTE: https://github.com/libgit2/libgit2/security/advisories/GHSA-8643-3wh5-rmjq
 CVE-2023-22741 (Sofia-SIP is an open-source SIP User-Agent library, compliant with the ...)
+	{DLA-3292-1}
 	- sofia-sip <unfixed> (bug #1029654)
 	NOTE: https://github.com/freeswitch/sofia-sip/commit/9defd6f72dd416ee4fcc1a23cccbb159990da0f6 (v1.13.11)
 	NOTE: https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54
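Review bot: the added "{DLA-3292-1}" reference sits above a package line that still reads "- sofia-sip <unfixed> (bug #1029654)", so the entry itself does not show which version carries the fix for the release the DLA covers. Confirm that version is recorded with the advisory, and update the "<unfixed>" line once a version containing the upstream commit in the NOTE (v1.13.11) is uploaded.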
@@ -7263,14 +7668,14 @@ CVE-2023-22336
 	RESERVED
 CVE-2023-22335
 	RESERVED
-CVE-2023-22333
-	RESERVED
-CVE-2023-22332
-	RESERVED
-CVE-2023-22324
-	RESERVED
-CVE-2023-22322
-	RESERVED
+CVE-2023-22333 (Cross-site scripting vulnerability in EasyMail 2.00.130 and earlier al ...)
+	TODO: check
+CVE-2023-22332 (Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4. ...)
+	TODO: check
+CVE-2023-22324 (SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5. ...)
+	TODO: check
+CVE-2023-22322 (Improper restriction of XML external entity reference (XXE) vulnerabil ...)
+	TODO: check
 CVE-2023-22320 (OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM ...)
 	NOT-FOR-US: OpenAM Web Policy Agent (different from src:openam)
 CVE-2023-22316 (Hidden functionality vulnerability in PIX-RT100 versions RT100_TEQ_2.1 ...)
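Review bot: the CVE-2023-22332 description is cut at "Pgpool-II 4.4.0 to 4.4.", so the upper bound of the affected range is not visible in the list; take it from the full CVE text before adding a package line. If any of the other three new entries end up NOT-FOR-US, name the product as the unchanged CVE-2023-22320 line does, including a disambiguation like its "(different from src:openam)" where the product name could be confused with a Debian source package.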
@@ -17695,7 +18100,7 @@ CVE-2022-45061 (An issue was discovered in Python before 3.11.1. An unnecessary
 	NOTE: https://github.com/python/cpython/commit/82ca2839c9ec6bf9a9400e791a52411824df67f3 (v3.8.16)
 	NOTE: https://github.com/python/cpython/commit/b0b590be9597fd5919228d251812dd54145f70a7 (v3.7.16)
 CVE-2022-45060 (An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and  ...)
-	{DLA-3208-1}
+	{DSA-5334-1 DLA-3208-1}
 	- varnish 7.1.1-1.1 (bug #1023751)
 	NOTE: https://varnish-cache.org/security/VSV00011.html
 	NOTE: https://github.com/varnishcache/varnish-cache/commit/515a93df894430767073ccd8265497b6b25b54b5
@@ -68786,8 +69191,8 @@ CVE-2022-27598
 	RESERVED
 CVE-2022-27597
 	RESERVED
-CVE-2022-27596
-	RESERVED
+CVE-2022-27596 (A vulnerability has been reported to affect QNAP device running QuTS h ...)
+	TODO: check
 CVE-2022-27595
 	RESERVED
 CVE-2022-27594
@@ -73324,8 +73729,8 @@ CVE-2022-25971
 	RESERVED
 CVE-2022-25970
 	RESERVED
-CVE-2022-25967
-	RESERVED
+CVE-2022-25967 (Versions of the package eta before 2.0.0 are vulnerable to Remote Code ...)
+	TODO: check
 CVE-2022-25965
 	RESERVED
 CVE-2022-25964
@@ -73366,8 +73771,8 @@ CVE-2022-25938
 	RESERVED
 CVE-2022-25937
 	RESERVED
-CVE-2022-25936
-	RESERVED
+CVE-2022-25936 (Versions of the package servst before 2.0.3 are vulnerable to Director ...)
+	TODO: check
 CVE-2022-25935
 	RESERVED
 CVE-2022-25934



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75ee869b47cada35e944041e8f73379c861245ef
