[Git][security-tracker-team/security-tracker][master] Add CVE-2023-48706/vim
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 23 05:42:46 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8e1f01a8 by Salvatore Bonaccorso at 2023-11-23T06:42:14+01:00
Add CVE-2023-48706/vim
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,8 @@
+CVE-2023-48706 [heap-use-after-free in ex_substitute]
+ - vim <unfixed> (unimportant)
+ NOTE: https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q
+ NOTE: Fixed by: https://github.com/vim/vim/commit/26c11c56888d01e298cd8044caf8 (v9.0.2121)
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-6265 (Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory tr ...)
NOT-FOR-US: Draytek Vigor2960
CVE-2023-6264 (Information leak in Content-Security-Policy header in Devolutions Serv ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e1f01a85dbb404e35db58fee400af523326c852
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e1f01a85dbb404e35db58fee400af523326c852
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231123/4b362ac7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list