[Git][security-tracker-team/security-tracker][master] new libowasp-antisamy-java issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Oct 9 22:30:41 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb7651b5 by Moritz Muehlenhoff at 2023-10-09T23:30:17+02:00
new libowasp-antisamy-java issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -89,7 +89,9 @@ CVE-2023-43697 (Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK
 CVE-2023-43696 (Improper Access Control in SICK APU allows an unprivileged remote atta ...)
 	NOT-FOR-US: SICK
 CVE-2023-43643 (AntiSamy is a library for performing fast, configurable cleansing of H ...)
-	TODO: check
+	- libowasp-antisamy-java <unfixed>
+	NOTE: https://github.com/nahsra/antisamy/security/advisories/GHSA-pcf2-gh6g-h5r2
+	NOTE: https://github.com/nahsra/antisamy/commit/05c52b98bb845b8175b8406bd2f391ce334a05d6 (v1.7.4)
 CVE-2023-42455 (Wazuh is a security detection, visibility, and compliance open source  ...)
 	NOT-FOR-US: Wazuh
 CVE-2023-41672 (Cross-Site Request Forgery (CSRF) vulnerability in R\xe9mi Leclercq Hi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb7651b5671719dab0291d7f3fa314ac75da4d91

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb7651b5671719dab0291d7f3fa314ac75da4d91
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231009/a67a766b/attachment.htm>


More information about the debian-security-tracker-commits mailing list