[Git][security-tracker-team/security-tracker][master] Add CVE-2023-33201/bouncycastle
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jul 1 07:54:06 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f6fd3d81 by Salvatore Bonaccorso at 2023-07-01T08:53:29+02:00
Add CVE-2023-33201/bouncycastle
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4379,6 +4379,9 @@ CVE-2023-33203 (The Linux kernel before 6.2.9 has a race condition and resultant
[bullseye] - linux 5.10.178-1
[buster] - linux 4.19.282-1
NOTE: https://git.kernel.org/linus/6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (6.3-rc4)
+CVE-2023-33201 [potential blind LDAP injection attack using a self-signed certificate]
+ - bouncycastle <unfixed>
+ NOTE: https://github.com/bcgit/bc-java/wiki/CVE-2023-33201
CVE-2023-31729 (TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection.)
NOT-FOR-US: TOTOLINK
CVE-2023-2780 (Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fd3d8149722d53a99b1459153d333d4eaf9eaa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fd3d8149722d53a99b1459153d333d4eaf9eaa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230701/aed0cb7e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list