[Git][security-tracker-team/security-tracker][master] Add CVE-2023-28370/python-tornado
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 25 21:46:32 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b36b8a4 by Salvatore Bonaccorso at 2023-05-25T22:45:30+02:00
Add CVE-2023-28370/python-tornado
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,7 +55,8 @@ CVE-2023-2500 (The Go Pricing - WordPress Responsive Pricing Tables plugin for W
CVE-2023-2480 (Missing access permissions checks in M-Files Client before 23.5.12598. ...)
NOT-FOR-US: M-Files
CVE-2023-28370 (Open redirect vulnerability in Tornado versions 6.3.1 and earlier allo ...)
- TODO: check
+ - python-tornado <unfixed>
+ NOTE: https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f (v6.3.2)
CVE-2023-27529 (Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an ...)
NOT-FOR-US: Wacom Tablet Driver installer
CVE-2023-XXXX [Block themes parsing shortcodes in user-generated data]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b36b8a4a2f380882504560e08df0217d3a3dd8d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b36b8a4a2f380882504560e08df0217d3a3dd8d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230525/ad1114a7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list