Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
50d2abe2 by Moritz Muehlenhoff at 2023-11-29T08:49:35+01:00
NFUs (concludes external check)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2023-41264 (Netwrix Usercube before 6.0.215, in certain
misconfigured on-pre
CVE-2023-40056 (SQL Injection Remote Code Vulnerability was found in the
SolarWinds Pl ...)
NOT-FOR-US: SolarWinds
CVE-2023-34055 (In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and
3.1.0-3.1.5, ...)
- TODO: check
+ NOT-FOR-US: Spring Boot
CVE-2023-46589 (Improper Input Validation vulnerability in Apache
Tomcat.Tomcat from 1 ...)
- tomcat10 <unfixed>
- tomcat9 9.0.70-2
@@ -167,7 +167,7 @@ CVE-2023-35136 (An improper input validation vulnerability
in the \u201cQuagga\u
CVE-2023-34054 (In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13
and versi ...)
TODO: check
CVE-2023-34053 (In Spring Framework versions 6.0.0 - 6.0.13, it is possible
for a user ...)
- TODO: check
+ - libspring-java <not-affected> (Only affects 6.x)
CVE-2023-32065 (OroCommerce is an open-source Business to Business Commerce
applicatio ...)
NOT-FOR-US: OroCommerce
CVE-2023-32064 (OroCommerce package with customer portal and non authenticated
visitor ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50d2abe29cad04014a0f7fdaa90500c0752e7cc1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50d2abe29cad04014a0f7fdaa90500c0752e7cc1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
