[Git][security-tracker-team/security-tracker][master] new python-reportlab issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jun 6 10:36:25 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3641fea by Moritz Muehlenhoff at 2023-06-06T11:35:59+02:00
new python-reportlab issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64,7 +64,9 @@ CVE-2023-33956 (Kanboard is open source project management software that focuses
NOTE: https://github.com/kanboard/kanboard/security/advisories/GHSA-r36m-44gg-wxg2
NOTE: https://github.com/kanboard/kanboard/commit/437b141fa2267df36976814e704517f30d2424bd (v1.2.30)
CVE-2023-33733 (Reportlab up to v3.6.12 allows attackers to execute arbitrary code via ...)
- TODO: check
+ - python-reportlab <unfixed>
+ NOTE: https://docs.reportlab.com/releases/notes/whats-new-3613/
+ NOTE: https://github.com/c53elyas/CVE-2023-33733
CVE-2023-33693 (A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to v3.6.19.0823 al ...)
NOT-FOR-US: EasyPlayerPro-Win
CVE-2023-33690 (SonicJS up to v0.7.0 allows attackers to execute an authenticated path ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3641fea75d942c82345654fd253a5afb2e57f4f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3641fea75d942c82345654fd253a5afb2e57f4f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230606/0a0a2f28/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list