[Git][security-tracker-team/security-tracker][master] Add CVE-2023-45960/dom4j
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Oct 28 08:59:50 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97de0da9 by Salvatore Bonaccorso at 2023-10-28T09:59:17+02:00
Add CVE-2023-45960/dom4j
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -796,7 +796,10 @@ CVE-2023-46068 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-46010 (An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary comm ...)
NOT-FOR-US: SeaCMS
CVE-2023-45960 (An issue in dom4.j org.dom4.io.SAXReader v.2.1.4 and before allows a r ...)
- TODO: check
+ - dom4j <unfixed> (unimportant)
+ NOTE: https://github.com/dom4j/dom4j/issues/171
+ NOTE: Not considered as a vulnerability by upstream:
+ NOTE: https://github.com/dom4j/dom4j/issues/171#issuecomment-1781547256
CVE-2023-45837 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XYDAC Ul ...)
NOT-FOR-US: WordPress plugin
CVE-2023-45835 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Libsyn L ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97de0da9981aa7f8f9f9f99a224a1eb4ef6ae474
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97de0da9981aa7f8f9f9f99a224a1eb4ef6ae474
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231028/2813ccb2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list