Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: df3897bb by Salvatore Bonaccorso at 2023-05-24T07:41:57+02:00 Add CVE-2023-32695/node-socket.io-parser - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,8 @@ +CVE-2023-32695 [Insufficient validation when decoding a Socket.IO packet] + - node-socket.io-parser 4.2.1+~3.1.0-2 + NOTE: https://github.com/socketio/socket.io-parser/security/advisories/GHSA-cqmj-92xf-r6r9 + NOTE: https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced (3.4.3) + NOTE: https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3 (4.2.3) CVE-2023-33617 (An OS Command Injection vulnerability in Parks Fiberlink 210 firmware ...) NOT-FOR-US: Parks Fiberlink 210 firmware CVE-2023-33599 (EasyImages2.0 \u2264 2.8.1 is vulnerable to Cross Site Scripting (XSS) ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df3897bbd6a730494ac42ab2be12275be40c819f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df3897bbd6a730494ac42ab2be12275be40c819f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
