[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
26d5575d by security tracker role at 2023-10-15T20:12:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2023-38312 (A directory traversal vulnerability in Valve Counter-Strike 8684 allow ...)
+	TODO: check
+CVE-2018-25091 (urllib3 before 1.24.2 does not remove the authorization HTTP header wh ...)
+	TODO: check
 CVE-2023-5586 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0 ...)
 	TODO: check
 CVE-2023-5585 (A vulnerability was found in SourceCodester Online Motorcycle Rental S ...)
@@ -1442,7 +1446,7 @@ CVE-2023-45311 (fsevents before 1.2.11 depends on the https://fsevents-binaries.
 	NOT-FOR-US: fsevents
 CVE-2023-45303 (ThingsBoard before 3.5 allows Server-Side Template Injection if users  ...)
 	NOT-FOR-US: ThingsBoard
-CVE-2023-45282 (In NASA Open MCT (aka openmct) 2.2.5 before 545a177, prototype polluti ...)
+CVE-2023-45282 (In NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can o ...)
 	NOT-FOR-US: NASA Open MCT (aka openmct)
 CVE-2023-45246 (Sensitive information disclosure and manipulation due to improper auth ...)
 	NOT-FOR-US: Acronis



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26d5575d7d0f69a3a0989f4772e5d26b51c4bdcf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26d5575d7d0f69a3a0989f4772e5d26b51c4bdcf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231015/68bf3262/attachment-0001.htm>