[Git][security-tracker-team/security-tracker][master] bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed May 24 09:01:54 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5d541685 by Moritz Mühlenhoff at 2023-05-24T10:01:38+02:00
bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11265,6 +11265,7 @@ CVE-2023-28145
RESERVED
CVE-2023-28144 (KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configura ...)
- hotspot <unfixed> (bug #1033848)
+ [bookworm] - hotspot <no-dsa> (Minor issue)
[bullseye] - hotspot <no-dsa> (Minor issue)
[buster] - hotspot <not-affected> (Vulnerable code not present, introduced in 1.3.0)
NOTE: https://www.openwall.com/lists/oss-security/2023/03/14/8
@@ -16873,12 +16874,18 @@ CVE-2023-26119 (Versions of the package net.sourceforge.htmlunit:htmlunit from 0
NOT-FOR-US: net.sourceforge.htmlunit:htmlunit
CVE-2023-26118 (Versions of the package angular from 1.4.9 are vulnerable to Regular E ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
+ [bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046
CVE-2023-26117 (Versions of the package angular from 1.0.0 are vulnerable to Regular E ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
+ [bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045
CVE-2023-26116 (Versions of the package angular from 1.2.21 are vulnerable to Regular ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
+ [bullseye] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044
CVE-2023-26115
RESERVED
@@ -96085,6 +96092,7 @@ CVE-2022-25871 (All versions of package querymen are vulnerable to Prototype Pol
NOT-FOR-US: Node querymen
CVE-2022-25869 (All versions of package angular are vulnerable to Cross-site Scripting ...)
- angular.js <unfixed>
+ [bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
[buster] - angular.js <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-2949781
@@ -96143,6 +96151,7 @@ CVE-2022-25845 (The package com.alibaba:fastjson before 1.2.83 are vulnerable to
NOT-FOR-US: com.alibaba:fastjson
CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular Expression D ...)
- angular.js <unfixed> (bug #1014779)
+ [bookworm] - angular.js <no-dsa> (Minor issue)
[bullseye] - angular.js <no-dsa> (Minor issue)
[buster] - angular.js <no-dsa> (Minor issue, probably even not-affected)
[stretch] - angular.js <ignored> (Nodejs in stretch not covered by security support)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d541685df2f3b1eef3eba14b974ba6ba57225b0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d541685df2f3b1eef3eba14b974ba6ba57225b0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230524/ed3b4a39/attachment.htm>
More information about the debian-security-tracker-commits
mailing list