[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 27 Jan 2024 12:12:34 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
db08fc1d by security tracker role at 2024-01-27T20:12:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2024-0962 (A vulnerability was found in obgm libcoap 4.3.4. It has been 
rated as  ...)
+       TODO: check
+CVE-2024-0960 (A vulnerability was found in flink-extended ai-flow 0.3.1. It 
has been ...)
+       TODO: check
+CVE-2024-0959 (A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has 
been c ...)
+       TODO: check
 CVE-2024-23506 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-22862 (Integer overflow vulnerability in FFmpeg before n6.1, allows 
remote at ...)
@@ -47,6 +53,7 @@ CVE-2023-48202 (Cross-Site Scripting (XSS) vulnerability in 
Sunlight CMS 8.0.1 a
 CVE-2023-48201 (Cross Site Scripting (XSS) vulnerability in Sunlight CMS 
v.8.0.1, allo ...)
        NOT-FOR-US: Sunlight CMS
 CVE-2024-0444 [GStreamer-SA-2024-0001: AV1 codec parser potential buffer 
overflow during tile list parsing]
+       {DSA-5608-1}
        - gst-plugins-bad1.0 1.22.9-1
        [buster] - gst-plugins-bad1.0 <not-affected> (AV1 parser introduced in 
1.17.1)
        - gst-plugins-bad0.10 <removed>
@@ -1614,6 +1621,7 @@ CVE-2023-34348 (AVEVA PI Server versions 2023 and 2018 
SP3 P05 and prior contain
 CVE-2023-31274 (AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior 
contain a vul ...)
        NOT-FOR-US: AVEVA PI Server
 CVE-2024-23525 (The Spreadsheet::ParseXLSX package before 0.30 for Perl allows 
XXE att ...)
+       {DLA-3723-1}
        - libspreadsheet-parsexlsx-perl 0.31-1 (bug #1061098)
        [bookworm] - libspreadsheet-parsexlsx-perl <no-dsa> (Slight minor 
issue; will be fixed in point release)
        [bullseye] - libspreadsheet-parsexlsx-perl <no-dsa> (Slight minor 
issue; will be fixed in point release)
@@ -3641,6 +3649,7 @@ CVE-2024-0333 (Insufficient data validation in Extensions 
in Google Chrome prior
 CVE-2024-22370 (In JetBrains YouTrack before 2023.3.22666 stored XSS via 
markdown was  ...)
        NOT-FOR-US: JetBrains YouTrack
 CVE-2024-22368 (The Spreadsheet::ParseXLSX package before 0.28 for Perl can 
encounter  ...)
+       {DLA-3723-1}
        - libspreadsheet-parsexlsx-perl 0.29-1
        [bookworm] - libspreadsheet-parsexlsx-perl <no-dsa> (Minor issue; DoS, 
can be fixed in point release)
        [bullseye] - libspreadsheet-parsexlsx-perl <no-dsa> (Minor issue; DoS, 
can be fixed in point release)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db08fc1de72bf4c0b892b420ef8d1df4780ef141

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db08fc1de72bf4c0b892b420ef8d1df4780ef141
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to