diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2023-10-28 20:11:40 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2023-10-28 20:11:40 +0000 |
| commit | 32522bfedd44175ac10b7acedf37d38161296c5f (patch) | |
| tree | c52819dc9aafe72ffbaa27d85be342469291c975 /data | |
| parent | 76b4fd98ae3b802ccd128b89d5674348243b8a7d (diff) | |
automatic update
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list index d234218031..c8ff97b3ee 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,9 @@ +CVE-2023-5835 (A vulnerability classified as problematic was found in hu60t hu60wap6. ...) + TODO: check +CVE-2023-5426 (The Post Meta Data Manager plugin for WordPress is vulnerable to unaut ...) + TODO: check +CVE-2023-5425 (The Post Meta Data Manager plugin for WordPress is vulnerable to unaut ...) + TODO: check CVE-2023-46129 [nkeys: xkeys Seal encryption used fixed key for all encryption] - golang-github-nats-io-nkeys <unfixed> [bookworm] - golang-github-nats-io-nkeys <not-affected> (Vulnerable code not present) @@ -3148,6 +3154,7 @@ CVE-2023-5218 (Use after free in Site Isolation in Google Chrome prior to 118.0. - chromium 118.0.5993.70-1 [buster] - chromium <end-of-life> (see DSA 5046) CVE-2023-4421 + {DLA-3634-1} - nss 2:3.61-1 NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1651411 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2238677 @@ -5417,7 +5424,7 @@ CVE-2023-42114 [Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vu NOTE: https://www.openwall.com/lists/oss-security/2023/10/01/4 NOTE: https://exim.org/static/doc/security/CVE-2023-zdi.txt CVE-2023-40476 [Integer overflow in H.265 video parser leading to stack overwrite] - {DSA-5533-1} + {DSA-5533-1 DLA-3633-1} - gst-plugins-bad1.0 <unfixed> (bug #1053259) - gst-plugins-bad0.10 <removed> NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0008.html @@ -5425,7 +5432,7 @@ CVE-2023-40476 [Integer overflow in H.265 video parser leading to stack overwrit NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/ff91a3d8d6f7e2412c44663bf30fad5c7fdbc9d9 NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/fddda166222a067d0e511950a0a8cfb9f5a521b7 (1.22.6) CVE-2023-40475 [Integer overflow leading to heap overwrite in MXF file handling with AES3 audio] - {DSA-5533-1} + {DSA-5533-1 DLA-3633-1} - gst-plugins-bad1.0 <unfixed> (bug #1053260) - gst-plugins-bad0.10 <removed> NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0007.html @@ -5433,7 +5440,7 @@ CVE-2023-40475 [Integer overflow leading to heap overwrite in MXF file handling NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/72742dee30cce7bf909639f82de119871566ce39 NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/1edd1c38dcc5d27e7c5649d999ee8278872a16d4 (1.22.6) CVE-2023-40474 [Integer overflow leading to heap overwrite in MXF file handling with uncompressed video] - {DSA-5533-1} + {DSA-5533-1 DLA-3633-1} - gst-plugins-bad1.0 <unfixed> (bug #1053261) - gst-plugins-bad0.10 <removed> NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0006.html @@ -222446,6 +222453,7 @@ CVE-2020-25649 (A flaw was found in FasterXML Jackson Databind, where it did not NOTE: https://github.com/FasterXML/jackson-databind/issues/2589 NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1) CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...) + {DLA-3634-1} - nss 2:3.58-1 [stretch] - nss <no-dsa> (Minor issue) NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes |