[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Mar 18 08:10:22 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
346c5615 by security tracker role at 2023-03-18T08:10:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1567,10 +1567,10 @@ CVE-2023-28118
 	RESERVED
 CVE-2023-28117
 	RESERVED
-CVE-2023-28116
-	RESERVED
-CVE-2023-28115
-	RESERVED
+CVE-2023-28116 (Contiki-NG is an open-source, cross-platform operating system for inte ...)
+	TODO: check
+CVE-2023-28115 (Snappy is a PHP library allowing thumbnail, snapshot or PDF generation ...)
+	TODO: check
 CVE-2023-28114
 	RESERVED
 CVE-2023-28113 (russh is a Rust SSH client and server library. Starting in version 0.3 ...)
@@ -3099,12 +3099,12 @@ CVE-2023-27597 (OpenSIPS is a Session Initiation Protocol (SIP) server implement
 	NOT-FOR-US: OpenSIPS
 CVE-2023-27596 (OpenSIPS is a Session Initiation Protocol (SIP) server implementation. ...)
 	NOT-FOR-US: OpenSIPS
-CVE-2023-27595
-	RESERVED
-CVE-2023-27594
-	RESERVED
-CVE-2023-27593
-	RESERVED
+CVE-2023-27595 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
+CVE-2023-27594 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
+CVE-2023-27593 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
 CVE-2023-27592 (Miniflux is a feed reader. Since v2.0.25, Miniflux will automatically  ...)
 	TODO: check
 CVE-2023-27591 (Miniflux is a feed reader. Prior to version 2.0.43, an unauthenticated ...)
@@ -4154,8 +4154,8 @@ CVE-2023-27255
 	RESERVED
 CVE-2023-27254
 	RESERVED
-CVE-2023-27253
-	RESERVED
+CVE-2023-27253 (A command injection vulnerability in the function restore_rrddata() of ...)
+	TODO: check
 CVE-2023-27252
 	RESERVED
 CVE-2023-27251
@@ -6870,8 +6870,8 @@ CVE-2023-26115
 	RESERVED
 CVE-2023-26114
 	RESERVED
-CVE-2023-26113
-	RESERVED
+CVE-2023-26113 (Versions of the package collection.js before 6.8.1 are vulnerable to P ...)
+	TODO: check
 CVE-2023-26112
 	RESERVED
 CVE-2023-26111 (All versions of the package @nubosoftware/node-static; all versions of ...)
@@ -9984,8 +9984,8 @@ CVE-2023-25082
 	RESERVED
 CVE-2023-25081
 	RESERVED
-CVE-2023-25069
-	RESERVED
+CVE-2023-25069 (TXOne StellarOne has an improper access control privilege escalation v ...)
+	TODO: check
 CVE-2023-24018
 	RESERVED
 CVE-2023-22653
@@ -11044,8 +11044,8 @@ CVE-2023-24680
 	RESERVED
 CVE-2023-24679
 	RESERVED
-CVE-2023-24678
-	RESERVED
+CVE-2023-24678 (A vulnerability in Centralite Pearl Thermostat 0x04075010 allows attac ...)
+	TODO: check
 CVE-2023-24677
 	RESERVED
 CVE-2023-24676
@@ -12287,8 +12287,7 @@ CVE-2023-24280
 	RESERVED
 CVE-2023-24279 (A cross-site scripting (XSS) vulnerability in Open Networking Foundati ...)
 	NOT-FOR-US: Open Networking Foundation ONOS
-CVE-2023-24278
-	RESERVED
+CVE-2023-24278 (Squidex before 7.4.0 was discovered to contain a squid.svg cross-site  ...)
 	NOT-FOR-US: Squidex
 CVE-2023-24277
 	RESERVED
@@ -29889,11 +29888,11 @@ CVE-2022-44798
 	RESERVED
 CVE-2022-44797 (btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta a ...)
 	NOT-FOR-US: btcd
-CVE-2022-44796 (An issue was discovered in Object First 1.0.7.712. The authorization s ...)
+CVE-2022-44796 (An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Th ...)
 	NOT-FOR-US: Object First
-CVE-2022-44795 (An issue was discovered in Object First 1.0.7.712. A flaw was found in ...)
+CVE-2022-44795 (An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A  ...)
 	NOT-FOR-US: Object First
-CVE-2022-44794 (An issue was discovered in Object First 1.0.7.712. Management protocol ...)
+CVE-2022-44794 (An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Ma ...)
 	NOT-FOR-US: Object First
 CVE-2022-44793 (handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-S ...)
 	{DLA-3270-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/346c5615007b9a7eba6eb102e2315c8c0bf662cd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/346c5615007b9a7eba6eb102e2315c8c0bf662cd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230318/2ec9d21a/attachment.htm>


More information about the debian-security-tracker-commits mailing list