[Git][security-tracker-team/security-tracker][master] Add new glpi issues

Thu, 14 Dec 2023 13:16:57 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
59b6fd13 by Salvatore Bonaccorso at 2023-12-14T22:16:26+01:00
Add new glpi issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -581,9 +581,13 @@ CVE-2023-47062 (Adobe Dimension versions 3.4.10 and 
earlier are affected by an o
 CVE-2023-47061 (Adobe Dimension versions 3.4.10 and earlier are affected by an 
out-of- ...)
        NOT-FOR-US: Adobe
 CVE-2023-46727 (GLPI is a free asset and IT management software package. 
Starting in v ...)
-       TODO: check
+       - glpi <removed>
+       NOTE: 
https://github.com/glpi-project/glpi/security/advisories/GHSA-v799-2mp3-wgfr
+       NOTE: 
https://github.com/glpi-project/glpi/commit/ee2d674481ebef177037e8e14d35c9455b5cfd46
 CVE-2023-46726 (GLPI is a free asset and IT management software package. 
Starting in v ...)
-       TODO: check
+       - glpi <removed>
+       NOTE: 
https://github.com/glpi-project/glpi/security/advisories/GHSA-qc92-gxc6-5f95
+       NOTE: 
https://github.com/glpi-project/glpi/commit/42ba2b031bec0b3889317db25f3adf9080fc11b2
 CVE-2023-46247 (Vyper is a Pythonic Smart Contract Language for the Ethereum 
Virtual M ...)
        NOT-FOR-US: Vyper
 CVE-2023-44362 (Adobe Prelude versions 22.6 and earlier are affected by an 
Access of U ...)
@@ -593,7 +597,9 @@ CVE-2023-44252 (** UNSUPPORTED WHEN ASSIGNED **An improper 
authentication vulner
 CVE-2023-44251 (** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a 
pathname to  ...)
        NOT-FOR-US: FortiGuard
 CVE-2023-43813 (GLPI is a free asset and IT management software package. 
Starting in v ...)
-       TODO: check
+       - glpi <removed>
+       NOTE: 
https://github.com/glpi-project/glpi/security/advisories/GHSA-94c3-fw5r-3362
+       NOTE: 
https://github.com/glpi-project/glpi/commit/4bd7f02d940953b9cbc9d285f7544bb0e490e75e
 CVE-2023-42495 (Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper 
Neutraliz ...)
        NOT-FOR-US: Dasan Networks W-Web
 CVE-2023-34194 (StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in 
TinyXML ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59b6fd13ee31b6e9fd31c6995f6b6d3a3b54ca19

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59b6fd13ee31b6e9fd31c6995f6b6d3a3b54ca19
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to