[Git][security-tracker-team/security-tracker][master] Add CVE-2023-0437/mongo-c-driver
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 13 16:14:22 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
720db6fb by Salvatore Bonaccorso at 2024-01-13T17:13:58+01:00
Add CVE-2023-0437/mongo-c-driver
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59082,7 +59082,8 @@ CVE-2023-0439 (The NEX-Forms WordPress plugin before 8.4.4 does not escape its f
CVE-2023-0438 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
NOT-FOR-US: Modoboa
CVE-2023-0437 (When calling bson_utf8_validateon some inputs a loop with an exit cond ...)
- TODO: check
+ - mongo-c-driver 1.25.0-1
+ NOTE: https://jira.mongodb.org/browse/CDRIVER-4747
CVE-2023-0436 (The affected versions of MongoDB Atlas Kubernetes Operator may print s ...)
NOT-FOR-US: MongoDB Atlas Kubernetes Operator
CVE-2022-48282 (Under very specific circumstances (see Required configuration section ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/720db6fb4d0a91ec876e1f3aa0822b0e0609a746
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/720db6fb4d0a91ec876e1f3aa0822b0e0609a746
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240113/18682fa4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list