security/vuxml/vuln/2024.xml

  <vuln vid="b3affee8-04d1-11ef-8928-901b0ef714d4">
    <topic>py-social-auth-app-django -- Improper Handling of Case Sensitivity</topic>
    <affects>
      <package>
	<name>py38-social-auth-app-django</name>
	<name>py39-social-auth-app-django</name>
	<name>py310-social-auth-app-django</name>
	<name>py311-social-auth-app-django</name>
	<range><lt>5.4.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>GitHub Advisory Database:</p>
	<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2024-32879">
	  <p>Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed by a fix released in version 5.4.1. An immediate workaround would be to change collation of the affected field.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-32879</cvename>
      <url>https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3</url>
    </references>
    <dates>
      <discovery>2024-04-24</discovery>
      <entry>2024-04-28</entry>
    </dates>
  </vuln>

  <vuln vid="7a42852d-0347-11ef-9f97-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>124.0.6367.78</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>124.0.6367.78</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html">
	 <p>This update includes 4 security fixes:</p>
	 <ul>
	    <li>[332546345] Critical CVE-2024-4058: Type Confusion in ANGLE. Reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure on 2024-04-02</li>
	    <li>[333182464] High CVE-2024-4059: Out of bounds read in V8 API. Reported by Eirik on 2024-04-08</li>
	    <li>[333420620] High CVE-2024-4060: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-4058</cvename>
      <cvename>CVE-2024-4059</cvename>
      <cvename>CVE-2024-4060</cvename>
      <url>https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html</url>
    </references>
    <dates>
      <discovery>2024-04-24</discovery>
      <entry>2024-04-25</entry>
    </dates>
  </vuln>

  <vuln vid="10e86b16-6836-11ee-b06f-0050569ceb3a">
    <topic>Unallowed PHP script execution in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>From the GLPI 10.0.10 Changelog:</p>
	<blockquote
	cite="https://github.com/glpi-project/glpi/releases/tag/10.0.10">
	<p>You will find below security issues fixed in this bugfixes version:
	[SECURITY - Critical] Unallowed PHP script execution (CVE-2023-42802).</p>
	</blockquote>
	<p>The mentioned CVE is invalid</p>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-42802</cvename>
      <url>https://github.com/glpi-project/glpi/releases/tag/10.0.10</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="894f2491-6834-11ee-b06f-0050569ceb3a">
    <topic>glpi-project -- SQL injection in ITIL actors in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>10.0.8,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-x3jp-69f2-p84w">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  The ITIL
	actors input field from the Ticket form can be used to perform a
	SQL injection.  Users are advised to upgrade to version 10.0.10.
	There are no known workarounds for this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-42461</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-42461</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="54e5573a-6834-11ee-b06f-0050569ceb3a">
    <topic>Phishing through a login page malicious URL in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>10.0.8,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-2hcg-75jj-hghp">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  The lack
	of path filtering on the GLPI URL may allow an attacker to transmit
	a malicious URL of login page that can be used to attempt a phishing
	attack on user credentials.  Users are advised to upgrade to version
	10.0.10.  There are no known workarounds for this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-41888</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-41888</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="20302cbc-6834-11ee-b06f-0050569ceb3a">
    <topic>Users login enumeration by unauthenticated user in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-5cf4-6q6r-49x9">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  An
	unauthenticated user can enumerate users logins.  Users are advised
	to upgrade to version 10.0.10.  There are no known workarounds for
	this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-41323</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-41323</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="ae8b1445-6833-11ee-b06f-0050569ceb3a">
    <topic>Privilege Escalation from technician to super-admin in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.1.0,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-9j8m-7563-8xvr">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  A user
	with write access to another user can make requests to change the
	latter&apos;s password and then take control of their account.
	Users are advised to upgrade to version 10.0.10.  There are no known
	work around for this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-41322</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-41322</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="6851f3bb-6833-11ee-b06f-0050569ceb3a">
    <topic>Sensitive fields enumeration through API in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.1.1,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-3fxw-j5rj-w836">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  An API
	user can enumerate sensitive fields values on resources on which
	he has read access.  Users are advised to upgrade to version 10.0.10.
	There are no known workarounds for this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-41321</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-41321</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="df71f5aa-6831-11ee-b06f-0050569ceb3a">
    <topic>File deletion through document upload process in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>10.0.0,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-hm76-jh96-7j75">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  The document
	upload process can be diverted to delete some files.  Users are
	advised to upgrade to version 10.0.10.  There are no known workarounds
	for this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-42462</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-42462</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="95c4ec45-6831-11ee-b06f-0050569ceb3a">
    <topic>Account takeover through API in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.3.0,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-58wj-8jhx-jpm3">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  An API
	user that have read access on users resource can steal accounts of
	other users.  Users are advised to upgrade to version 10.0.10.
	There are no known workarounds for this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-41324</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-41324</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="040e69f1-6831-11ee-b06f-0050569ceb3a">
    <topic>Account takeover via Kanban feature in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.5.0,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-5wj6-hp4c-j5q9">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  A logged
	user from any profile can hijack the Kanban feature to alter any
	user field, and end-up with stealing its account.  Users are advised
	to upgrade to version 10.0.10.  There are no known workarounds for
	this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-41326</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-41326</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="6f6518ab-6830-11ee-b06f-0050569ceb3a">
    <topic>Account takeover via SQL Injection in UI layout preferences in GLPI</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>10.0.0,1</ge><lt>10.0.10,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/security/advisories/GHSA-mv2r-gpw3-g476">
	  <p>GLPI stands for Gestionnaire Libre de Parc Informatique is a Free
	Asset and IT Management Software package, that provides ITIL Service
	Desk features, licenses tracking and software auditing.  UI layout
	preferences management can be hijacked to lead to SQL injection.
	This injection can be use to takeover an administrator account.
	Users are advised to upgrade to version 10.0.10.  There are no known
	workarounds for this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-41320</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-41320</url>
    </references>
    <dates>
      <discovery>2023-09-27</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="257e1bf0-682f-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to SQL injection via dashboard administration</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.5.0,1</ge><lt>10.0.9,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.9">
	  <p>GLPI is a Free Asset and IT Management Software package, Data center
	management, ITIL Service Desk, licenses tracking and software
	auditing.  An administrator can trigger SQL injection via dashboards
	administration.  This vulnerability has been patched in version
	10.0.9.
	</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-37278</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-37278</url>
    </references>
    <dates>
      <discovery>2023-07-13</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="40173815-6827-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to unauthorized access to User data</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><lt>10.0.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.8">
	  <p>GLPI is a free asset and IT management software package.  Versions
	of the software starting with 0.68 and prior to 10.0.8 have an
	incorrect rights check on a on a file accessible by an authenticated
	user.  This allows access to the list of all users and their personal
	information.  Users should upgrade to version 10.0.8 to receive a
	patch.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-34106</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-34106</url>
    </references>
    <dates>
      <discovery>2023-07-05</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="1fe40200-6823-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to unauthorized access to KnowbaseItem data</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.2.0,1</ge><lt>10.0.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.8">
	  <p>GLPI is a free asset and IT management software package.  Versions
	of the software starting with 9.2.0 and prior to 10.0.8 have an
	incorrect rights check on a on a file accessible by an authenticated
	user, allows access to the view all KnowbaseItems.  Version 10.0.8
	has a patch for this issue.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-34107</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-34107</url>
    </references>
    <dates>
      <discovery>2023-07-05</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="b14a6ddc-6821-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to reflected XSS in search pages</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.4.0,1</ge><lt>10.0.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.8">
	  <p>GLPI is a free asset and IT management software package.  Starting
	in version 9.4.0 and prior to version 10.0.8, a malicious link can
	be crafted by an unauthenticated user that can exploit a reflected
	XSS in case any authenticated user opens the crafted link.  Users
	should upgrade to version 10.0.8 to receive a patch.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-34244</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-34244</url>
    </references>
    <dates>
      <discovery>2023-07-05</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="95fde6bc-6821-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to unauthenticated access to Dashboard data</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.5.0,1</ge><lt>10.0.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.8">
	  <p>GLPI is a free asset and IT management software package.  Starting
	in version 9.5.0 and prior to version 10.0.8, an incorrect rights
	check on a file allows an unauthenticated user to be able to access
	dashboards data.  Version 10.0.8 contains a patch for this issue.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-35940</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-35940</url>
    </references>
    <dates>
      <discovery>2023-07-05</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="717efd8a-6821-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to unauthorized access to Dashboard data</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>9.5.0,1</ge><lt>10.0.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.8">
	  <p>GLPI is a free asset and IT management software package.  Starting
	in version 9.5.0 and prior to version 10.0.8, an incorrect rights
	check on a on a file accessible by an authenticated user (or not
	for certain actions), allows a threat actor to interact, modify,
	or see Dashboard data.  Version 10.0.8 contains a patch for this
	issue.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-35939</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-35939</url>
    </references>
    <dates>
      <discovery>2023-07-05</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="548a4163-6821-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to SQL injection through Computer Virtual Machine information</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><lt>10.0.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.8">
	  <p>GLPI is a free asset and IT management software package.  Starting
	in version 0.80 and prior to version 10.0.8, Computer Virtual Machine
	form and GLPI inventory request can be used to perform a SQL injection
	attack.  Version 10.0.8 has a patch for this issue.  As a workaround,
	one may disable native inventory.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-36808</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-36808</url>
    </references>
    <dates>
      <discovery>2023-07-05</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="e44e5ace-6820-11ee-b06f-0050569ceb3a">
    <topic>GLPI vulnerable to SQL injection via inventory agent request</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><ge>10.0.0,1</ge><lt>10.0.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security-advisories@github.com reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.8">
	  <p>GLPI is a free asset and IT management software package.  Starting
	in version 10.0.0 and prior to version 10.0.8, GLPI inventory
	endpoint can be used to drive a SQL injection attack.  By default,
	GLPI inventory endpoint requires no authentication.  Version 10.0.8
	has a patch for this issue.  As a workaround, one may disable native
	inventory.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-35924</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-35924</url>
    </references>
    <dates>
      <discovery>2023-07-05</discovery>
      <entry>2023-10-11</entry>
    </dates>
  </vuln>

  <vuln vid="bdfa6c04-027a-11ef-9c21-901b0e9408dc">
    <topic>py-matrix-synapse -- weakness in auth chain indexing allows DoS</topic>
    <affects>
      <package>
	<name>py38-matrix-synapse</name>
	<name>py39-matrix-synapse</name>
	<name>py310-matrix-synapse</name>
	<name>py311-matrix-synapse</name>
	<range><lt>1.105.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Matrix developers report:</p>
	<blockquote cite="https://element.io/blog/security-release-synapse-1-105-1/">
	  <p>Weakness in auth chain indexing allows DoS from remote
	  room members through disk fill and high CPU usage. (High severity)</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-31208</cvename>
      <url>https://element.io/blog/security-release-synapse-1-105-1/</url>
      <url>https://github.com/element-hq/synapse/security/advisories/GHSA-3h7q-rfh9-xm4v</url>
    </references>
    <dates>
      <discovery>2024-04-23</discovery>
      <entry>2024-04-24</entry>
    </dates>
  </vuln>

  <vuln vid="b857606c-0266-11ef-8681-001b217b3468">
    <topic>Gitlab -- vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<name>gitlab-ee</name>
	<range><ge>16.11.0</ge><lt>16.11.1</lt></range>
	<range><ge>16.10.0</ge><lt>16.10.4</lt></range>
	<range><ge>7.8.0</ge><lt>16.9.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/04/24/patch-release-gitlab-16-11-1-released/">
	  <p>GitLab account takeover, under certain conditions, when using Bitbucket as an OAuth provider</p>
	  <p>Path Traversal leads to DoS and Restricted File Read</p>
	  <p>Unauthenticated ReDoS in FileFinder when using wildcard filters in project file search</p>
	  <p>Personal Access Token scopes not honoured by GraphQL subscriptions</p>
	  <p>Domain based restrictions bypass using a crafted email address</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-4024</cvename>
      <cvename>CVE-2024-2434</cvename>
      <cvename>CVE-2024-2829</cvename>
      <cvename>CVE-2024-4006</cvename>
      <cvename>CVE-2024-1347</cvename>
      <url>https://about.gitlab.com/releases/2024/04/24/patch-release-gitlab-16-11-1-released/</url>
    </references>
    <dates>
      <discovery>2024-04-24</discovery>
      <entry>2024-04-24</entry>
    </dates>
  </vuln>

  <vuln vid="1af16f2b-023c-11ef-8791-6805ca2fa271">
    <topic>powerdns-recursor -- denial of service</topic>
    <affects>
      <package>
	<name>powerdns-recursor</name>
	<range><lt>5.0.4</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>PowerDNS Team reports:</p>
	<blockquote cite="https://blog.powerdns.com/2024/04/24/powerdns-recursor-4-8-8-4-9-5-5-0-4-released">
	  <p>PowerDNS Security Advisory 2024-02: if recursive forwarding is configured,
	   crafted responses can lead to a denial of service in Recursor</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-25583</cvename>
      <url>https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html</url>
    </references>
    <dates>
      <discovery>2024-04-24</discovery>
      <entry>2024-04-24</entry>
    </dates>
  </vuln>

  <vuln vid="bb49f1fa-00da-11ef-92b7-589cfc023192">
    <topic>GLPI -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><lt>10.0.13,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>GLPI team reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.13">
	  <p>GLPI 10.0.13 Changelog</p>
	  <ul>
	    <li>[SECURITY - high] SQL Injection in through the search engine (CVE-2024-27096)</li>
	    <li>[SECURITY - moderate] Blind SSRF using Arbitrary Object Instantiation (CVE-2024-27098)</li>
	    <li>[SECURITY - moderate] Stored XSS in dashboards (CVE-2024-27104)</li>
	    <li>[SECURITY - moderate] Reflected XSS in debug mode (CVE-2024-27914)</li>
	    <li>[SECURITY - moderate] Sensitive fields access through dropdowns (CVE-2024-27930)</li>
	    <li>[SECURITY - moderate] Users emails enumeration (CVE-2024-27937)</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-27096</cvename>
      <cvename>CVE-2024-27098</cvename>
      <cvename>CVE-2024-27104</cvename>
      <cvename>CVE-2024-27914</cvename>
      <cvename>CVE-2024-27930</cvename>
      <cvename>CVE-2024-27937</cvename>
      <url>https://github.com/glpi-project/glpi/releases/tag/10.0.13</url>
    </references>
    <dates>
      <discovery>2024-03-13</discovery>
      <entry>2024-04-22</entry>
    </dates>
  </vuln>

  <vuln vid="faccf131-00d9-11ef-92b7-589cfc023192">
    <topic>GLPI -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><lt>10.0.12,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>GLPI team reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.12">
	  <p>GLPI 10.0.12 Changelog</p>
	  <ul>
	    <li>[SECURITY - moderate] Reflected XSS in reports pages (CVE-2024-23645)</li>
	    <li>[SECURITY - moderate] LDAP Injection during authentication (CVE-2023-51446)</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-23645</cvename>
      <cvename>CVE-2023-51446</cvename>
      <url>https://github.com/glpi-project/glpi/releases/tag/10.0.12</url>
    </references>
    <dates>
      <discovery>2024-02-01</discovery>
      <entry>2024-04-22</entry>
    </dates>
  </vuln>

  <vuln vid="ed688880-00c4-11ef-92b7-589cfc023192">
    <topic>GLPI -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>glpi</name>
	<range><lt>10.0.11,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>GLPI team reports:</p>
	<blockquote cite="https://github.com/glpi-project/glpi/releases/tag/10.0.11">
	  <p>GLPI 10.0.11 Changelog</p>
	  <ul>
	    <li>[SECURITY - moderate] Authenticated SQL Injection (CVE-2023-43813)</li>
	    <li>[SECURITY - high] SQL injection through inventory agent request (CVE-2023-46727)</li>
	    <li>[SECURITY - high] Remote code execution from LDAP server configuration form on PHP 7.4 (CVE-2023-46726)</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-43813</cvename>
      <cvename>CVE-2023-46727</cvename>
      <cvename>CVE-2023-46726</cvename>
      <url>https://github.com/glpi-project/glpi/releases/tag/10.0.11</url>
    </references>
    <dates>
      <discovery>2023-12-13</discovery>
      <entry>2024-04-22</entry>
    </dates>
  </vuln>

  <vuln vid="2ce1a2f1-0177-11ef-a45e-08002784c58d">
    <topic>ruby -- Arbitrary memory address read vulnerability with Regex search</topic>
    <affects>
      <package>
	<name>ruby</name>
	<range><ge>3.1.0,1</ge><lt>3.1.5,1</lt></range>
	<range><ge>3.2.0,1</ge><lt>3.2.4,1</lt></range>
	<range><ge>3.3.0,1</ge><lt>3.3.1,1</lt></range>
      </package>
      <package>
	<name>ruby31</name>
	<range><ge>3.1.0,1</ge><lt>3.1.5,1</lt></range>
      </package>
      <package>
	<name>ruby32</name>
	<range><ge>3.2.0,1</ge><lt>3.2.4,1</lt></range>
      </package>
      <package>
	<name>ruby33</name>
	<range><ge>3.3.0,1</ge><lt>3.3.1,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>sp2ip reports:</p>
	<blockquote cite="https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/">
	  <p>
	    If attacker-supplied data is provided to the Ruby regex
	    compiler, it is possible to extract arbitrary heap data
	    relative to the start of the text, including pointers and
	    sensitive strings.
	  </p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-27282</cvename>
      <url>https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/</url>
    </references>
    <dates>
      <discovery>2024-04-23</discovery>
      <entry>2024-04-23</entry>
    </dates>
  </vuln>

  <vuln vid="304d92c3-00c5-11ef-bd52-080027bff743">
	<topic>sdl2_sound -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>sdl2_sound</name>
	<range><lt>2.0.2_1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>GitHub Security Lab reports:</p>
	<blockquote cite="https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/">
	  <p>stb_image.h and stb_vorbis libraries contain several memory access violations of different severity</p>
	  <ol>
		<li>Wild address read in stbi__gif_load_next (GHSL-2023-145).</li>
		<li>Multi-byte read heap buffer overflow in stbi__vertical_flip (GHSL-2023-146).</li>
		<li>Disclosure of uninitialized memory in stbi__tga_load (GHSL-2023-147).</li>
		<li>Double-free in stbi__load_gif_main_outofmem (GHSL-2023-148).</li>
		<li>Null pointer dereference in stbi__convert_format (GHSL-2023-149).</li>
		<li>Possible double-free or memory leak in stbi__load_gif_main (GHSL-2023-150).</li>
		<li>Null pointer dereference because of an uninitialized variable (GHSL-2023-151).</li>
		<li>0 byte write heap buffer overflow in start_decoder (GHSL-2023-165)</li>
		<li>Multi-byte write heap buffer overflow in start_decoder (GHSL-2023-166)</li>
		<li>Heap buffer out of bounds write in start_decoder (GHSL-2023-167)</li>
		<li>Off-by-one heap buffer write in start_decoder (GHSL-2023-168)</li>
		<li>Attempt to free an uninitialized memory pointer in vorbis_deinit (GHSL-2023-169)</li>
		<li>Null pointer dereference in vorbis_deinit (GHSL-2023-170)</li>
		<li>Out of bounds heap buffer write (GHSL-2023-171)</li>
		<li>Wild address read in vorbis_decode_packet_rest (GHSL-2023-172)</li>
	  </ol>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-45676</cvename>
      <cvename>CVE-2023-45677</cvename>
      <cvename>CVE-2023-45680</cvename>
      <cvename>CVE-2023-45681</cvename>
      <cvename>CVE-2023-45682</cvename>
	  <url>https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/</url>
    </references>
    <dates>
      <discovery>2023-10-20</discovery>
      <entry>2024-04-22</entry>
    </dates>
  </vuln>

  <vuln vid="9bed230f-ffc8-11ee-8e76-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>124.0.6367.60</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>124.0.6367.60</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html">
	 <p>This update includes 23 security fixes:</p>
	 <ul>
	    <li>[331358160] High CVE-2024-3832: Object corruption in V8. Reported by Man Yue Mo of GitHub Security Lab on 2024-03-27</li>
	    <li>[331383939] High CVE-2024-3833: Object corruption in WebAssembly. Reported by Man Yue Mo of GitHub Security Lab on 2024-03-27</li>
	    <li>[330759272] High CVE-2024-3914: Use after free in V8. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21</li>
	    <li>[326607008] High CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang on 2024-02-24</li>
	    <li>[41491379] Medium CVE-2024-3837: Use after free in QUIC. Reported by {rotiple, dch3ck} of CW Research Inc. on 2024-01-15</li>
	    <li>[328278717] Medium CVE-2024-3838: Inappropriate implementation in Autofill. Reported by Ardyan Vicky Ramadhan on 2024-03-06</li>
	    <li>[41491859] Medium CVE-2024-3839: Out of bounds read in Fonts. Reported by Ronald Crane (Zippenhop LLC) on 2024-01-16</li>
	    <li>[41493458] Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation. Reported by Ahmed ElMasry on 2024-01-22</li>
	    <li>[330376742] Medium CVE-2024-3841: Insufficient data validation in Browser Switcher. Reported by Oleg on 2024-03-19</li>
	    <li>[41486690] Medium CVE-2024-3843: Insufficient data validation in Downloads. Reported by Azur on 2023-12-24</li>
	    <li>[40058873] Low CVE-2024-3844: Inappropriate implementation in Extensions. Reported by Alesandro Ortiz on 2022-02-23</li>
	    <li>[323583084] Low CVE-2024-3845: Inappropriate implementation in Network. Reported by Daniel Baulig on 2024-02-03</li>
	    <li>[40064754] Low CVE-2024-3846: Inappropriate implementation in Prompts. Reported by Ahmed ElMasry on 2023-05-23</li>
	    <li>[328690293] Low CVE-2024-3847: Insufficient policy enforcement in WebUI. Reported by Yan Zhu on 2024-03-08</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-3832</cvename>
      <cvename>CVE-2024-3833</cvename>
      <cvename>CVE-2024-3914</cvename>
      <cvename>CVE-2024-3834</cvename>
      <cvename>CVE-2024-3837</cvename>
      <cvename>CVE-2024-3838</cvename>
      <cvename>CVE-2024-3839</cvename>
      <cvename>CVE-2024-3840</cvename>
      <cvename>CVE-2024-3841</cvename>
      <cvename>CVE-2024-3843</cvename>
      <cvename>CVE-2024-3844</cvename>
      <cvename>CVE-2024-3845</cvename>
      <cvename>CVE-2024-3846</cvename>
      <cvename>CVE-2024-3847</cvename>
      <url>https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html</url>
    </references>
    <dates>
      <discovery>2024-04-16</discovery>
      <entry>2024-04-21</entry>
    </dates>
  </vuln>

  <vuln vid="ecafc4af-fe8a-11ee-890c-08002784c58d">
    <topic>clamav -- Possible crash in the HTML file parser that could cause a denial-of-service (DoS) condition</topic>
    <affects>
      <package>
	<name>clamav</name>
	<range><ge>1.3.0,1</ge><lt>1.3.1,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Błażej Pawłowski reports:</p>
	<blockquote cite="https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html">
	  <p>
	    A vulnerability in the HTML parser of ClamAV could allow
	    an unauthenticated, remote attacker to cause a denial of
	    service (DoS) condition on an affected device. The
	    vulnerability is due to an issue in the C to Rust foreign
	    function interface. An attacker could exploit this
	    vulnerability by submitting a crafted file containing HTML
	    content to be scanned by ClamAV on an affected device. An
	    exploit could allow the attacker to cause the ClamAV
	    scanning process to terminate, resulting in a DoS
	    condition on the affected software.
	  </p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-20380</cvename>
      <url>https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html</url>
    </references>
    <dates>
      <discovery>2024-04-17</discovery>
      <entry>2024-04-19</entry>
    </dates>
  </vuln>

  <vuln vid="4ebdd56b-fe72-11ee-bc57-00e081b7aa2d">
    <topic>jenkins -- Terrapin SSH vulnerability in Jenkins CLI client</topic>
    <affects>
      <package>
	<name>jenkins</name>
	<range><lt>2.452</lt></range>
      </package>
      <package>
	<name>jenkins-lts</name>
	<range><lt>2.440.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Jenkins Security Advisory:</p>
	<blockquote cite="https://www.jenkins.io/security/advisory/2024-04-17/">
	  <h1>Description</h1>
	  <h5>(Medium) SECURITY-3386 / CVE-2023-48795</h5>
	  <p>Terrapin SSH vulnerability in Jenkins CLI client</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-48795</cvename>
      <url>https://www.jenkins.io/security/advisory/2024-04-17/</url>
    </references>
    <dates>
      <discovery>2024-04-17</discovery>
      <entry>2024-04-19</entry>
    </dates>
  </vuln>

  <vuln vid="f90bf863-e43c-4db3-b5a8-d9603684657a">
    <topic>electron{27,28,29} -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.11</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.3.1</lt></range>
      </package>
      <package>
	<name>electron29</name>
	<range><lt>29.3.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron develpers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.11">
	  <p>This update fixes the following vulnerabilities:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-3515.</li>
	    <li>Security: backported fix for CVE-2024-3516.</li>
	    <li>Security: backported fix for CVE-2024-3157.</li>
	    <li>Security: backported fix for CVE-2024-1580.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-3515</cvename>
      <url>https://github.com/advisories/GHSA-x6cj-gx36-vcxv</url>
      <cvename>CVE-2024-3516</cvename>
      <url>https://github.com/advisories/GHSA-jf9g-42gm-v87w</url>
      <cvename>CVE-2024-3157</cvename>
      <url>https://github.com/advisories/GHSA-4m4g-p795-cmq7</url>
      <cvename>CVE-2024-1580</cvename>
      <url>https://github.com/advisories/GHSA-3p7f-4r2q-wxmm</url>
    </references>
    <dates>
      <discovery>2024-04-16</discovery>
      <entry>2024-04-18</entry>
    </dates>
  </vuln>

  <vuln vid="6d82c5e9-fc24-11ee-a689-04421a1baf97">
    <topic>php -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>php81</name>
	<range><lt>8.1.28</lt></range>
      </package>
      <package>
	<name>php82</name>
	<range><lt>8.2.18</lt></range>
      </package>
      <package>
	<name>php83</name>
	<range><lt>8.3.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>This update includes 3 security fixes:</p>
    <blockquote cite="https://seclists.org/oss-sec/2024/q2/113/">
	 <ul>
	   <li>High CVE-2024-1874: Command injection via array-ish $command parameter of proc_open even if bypass_shell option enabled on Windows</li>
	   <li>High CVE-2024-1874: Command injection via array-ish $command parameter of proc_open even if bypass_shell option enabled on Windows</li>
       <li>Medium CVE-2024-2756: __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix</li>
       <li>High CVE-2024-2757: mb_encode_mimeheader runs endlessly for some inputs</li>
	 </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1874</cvename>
      <url>https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7</url>
      <cvename>CVE-2024-2756</cvename>
      <url>https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4</url>
      <cvename>CVE-2024-3096</cvename>
      <url>https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr</url>
      <cvename>CVE-2024-2757</cvename>
      <url>https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq</url>
    </references>
    <dates>
      <discovery>2024-04-11</discovery>
      <entry>2024-04-16</entry>
    </dates>
  </vuln>

  <vuln vid="cdb5e0e3-fafc-11ee-9c21-901b0e9408dc">
    <topic>go -- http2: close connections when receiving too many headers</topic>
    <affects>
      <package>
	<name>go122</name>
	<range><lt>1.22.2</lt></range>
      </package>
      <package>
	<name>go121</name>
	<range><lt>1.21.9</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Go project reports:</p>
	<blockquote cite="https://go.dev/issue/65051">
	  <p>http2: close connections when receiving too many headers</p>
	  <p>Maintaining HPACK state requires that we parse and
	  process all HEADERS and CONTINUATION frames on a
	  connection. When a request's headers exceed MaxHeaderBytes,
	  we don't allocate memory to store the excess headers but we
	  do parse them. This permits an attacker to cause an HTTP/2
	  endpoint to read arbitrary amounts of header data, all
	  associated with a request which is going to be
	  rejected. These headers can include Huffman-encoded data
	  which is significantly more expensive for the receiver to
	  decode than for an attacker to send.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-45288</cvename>
      <url>https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M/m/khALNYGdAAAJ</url>
    </references>
    <dates>
      <discovery>2024-04-03</discovery>
      <entry>2024-04-15</entry>
    </dates>
  </vuln>

  <vuln vid="7314942b-0889-46f0-b02b-2c60aabe4a82">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>123.0.6312.122</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>123.0.6312.122</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html">
	 <p>This update includes 3 security fixes:</p>
	 <ul>
	    <li>[331237485] High CVE-2024-3157: Out of bounds write in Compositing. Reported by DarkNavy on 2024-03-26</li>
	    <li>[328859176] High CVE-2024-3516: Heap buffer overflow in ANGLE. Reported by Bao (zx) Pham and Toan (suto) Pham of Qrious Secure on 2024-03-09</li>
	    <li>[331123811] High CVE-2024-3515: Use after free in Dawn. Reported by wgslfuzz on 2024-03-25</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-3157</cvename>
      <cvename>CVE-2024-3516</cvename>
      <cvename>CVE-2024-3515</cvename>
      <url>https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html</url>
    </references>
    <dates>
      <discovery>2024-04-10</discovery>
      <entry>2024-04-12</entry>
    </dates>
  </vuln>

  <vuln vid="080936ba-fbb7-11ee-abc8-6960f2492b1d">
    <topic>PuTTY and embedders (f.i., filezilla) -- biased RNG with NIST P521/ecdsa-sha2-nistp521 signatures permits recovering private key</topic>
    <affects>
      <package>
	<name>putty</name>
	<range><ge>0.68</ge><lt>0.81</lt></range>
      </package>
      <package>
	<name>putty-nogtk</name>
	<range><ge>0.68</ge><lt>0.81</lt></range>
      </package>
      <package>
	<name>filezilla</name>
	<range><lt>3.67.0</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Simon Tatham reports:</p>
	<blockquote cite="https://lists.tartarus.org/pipermail/putty-announce/2024/000038.html">
	  <p>ECDSA signatures using 521-bit keys (the NIST P521 curve,
	    otherwise known as ecdsa-sha2-nistp521) were generated with biased
	    random numbers. This permits an attacker in possession of a few
	    dozen signatures to RECOVER THE PRIVATE KEY.</p>
	  <p>Any 521-bit ECDSA private key that PuTTY or Pageant has used to
	    sign anything should be considered compromised.</p>
	  <p>Additionally, if you have any 521-bit ECDSA private keys that
	    you've used with PuTTY, you should consider them to be
	    compromised: generate new keys, and remove the old public keys
	    from any authorized_keys files.</p>
	</blockquote>
	<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2024-31497">
	  <p>
	    A second, independent scenario is that the adversary is an operator
	    of an SSH server to which the victim authenticates (for remote login
	    or file copy), [...] and the victim uses the same private key for
	    SSH connections to other services operated by other entities. Here,
	    the rogue server operator (who would otherwise have no way to
	    determine the victim's private key) can derive the victim's private
	    key, and then use it for unauthorized access to those other
	    services. If the other services include Git services, then again it
	    may be possible to conduct supply-chain attacks on software
	    maintained in Git. This also affects, for example, FileZilla before
	    3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and
	    TortoiseSVN through 1.14.6.
	  </p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-31497</cvename>
      <url>https://lists.tartarus.org/pipermail/putty-announce/2024/000038.html</url>
      <url>https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html</url>
      <url>https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&amp;p=simon/putty.git</url>
      <url>https://filezilla-project.org/versions.php</url>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2024-31497</url>
    </references>
    <dates>
      <discovery>2024-04-01</discovery> <!-- see git.tartarus.org link to commit c193fe9848f -->
      <entry>2024-04-16</entry>
    </dates>
  </vuln>

  <vuln vid="31617e47-7eec-4c60-9fdf-8aee61622bab">
    <topic>electron{27,28} -- Out of bounds memory access in V8</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.10</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.3.0</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.10">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-3159.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-3159</cvename>
      <url>https://github.com/advisories/GHSA-mh2p-2x66-3hr4</url>
    </references>
    <dates>
      <discovery>2024-04-10</discovery>
      <entry>2024-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="7c217849-f7d7-11ee-a490-84a93843eb75">
    <topic>OpenSSL -- Unbounded memory growth with session handling in TLSv1.3</topic>
    <affects>
      <package>
	<name>openssl</name>
	<range><lt>3.0.13_3,1</lt></range>
      </package>
      <package>
	<name>openssl31</name>
	<range><lt>3.1.5_3</lt></range>
      </package>
      <package>
	<name>openssl32</name>
	<range><lt>3.2.1_2</lt></range>
      </package>
      <package>
	<name>openssl-quictls</name>
	<range><lt>3.0.13_3</lt></range>
      </package>
      <package>
	<name>openssl31-quictls</name>
	<range><lt>3.1.5_1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The OpenSSL project reports:</p>
	<blockquote cite="https://www.openssl.org/news/secadv/20240408.txt">
	  <p>Some non-default TLS server configurations can cause unbounded
	    memory growth when processing TLSv1.3 sessions</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-2511</cvename>
      <url>https://www.openssl.org/news/secadv/20240408.txt</url>
    </references>
    <dates>
      <discovery>2024-04-08</discovery>
      <entry>2024-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="c092be0e-f7cc-11ee-aa6b-b42e991fc52e">
    <topic>forgejo -- HTTP/2 CONTINUATION flood in net/http</topic>
    <affects>
      <package>
	<name>forgejo</name>
	<range><lt>1.21.8</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>security@golang.org reports:</p>
	<blockquote cite="https://go.dev/cl/576155">
	  <p>An attacker may cause an HTTP/2 endpoint to read arbitrary amounts
	of header data by sending an excessive number of CONTINUATION frames.
	Maintaining HPACK state requires parsing and processing all HEADERS
	and CONTINUATION frames on a connection.  When a request&apos;s
	headers exceed MaxHeaderBytes, no memory is allocated to store the
	excess headers, but they are still parsed.  This permits an attacker
	to cause an HTTP/2 endpoint to read arbitrary amounts of header
	data, all associated with a request which is going to be rejected.
	These headers can include Huffman-encoded data which is significantly
	more expensive for the receiver to decode than for an attacker to
	send.  The fix sets a limit on the amount of excess header frames
	we will process before closing a connection.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-45288</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-45288</url>
    </references>
    <dates>
      <discovery>2024-04-04</discovery>
      <entry>2024-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="02be46c1-f7cc-11ee-aa6b-b42e991fc52e">
    <topic>jose -- DoS vulnerability</topic>
    <affects>
      <package>
	<name>jose</name>
	<range><lt>13</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>cve@mitre.org reports:</p>
	<blockquote cite="https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md">
	<p>
	  latchset jose through version 11 allows attackers to cause
	  a denial of service (CPU consumption) via a large p2c (aka
	  PBES2 Count) value.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-50967</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-50967</url>
    </references>
    <dates>
      <discovery>2024-03-20</discovery>
      <entry>2024-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="dad6294c-f7c1-11ee-bb77-001b217b3468">
    <topic>Gitlab -- Patch Release: 16.10.2, 16.9.4, 16.8.6</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>16.10.0</ge><lt>16.10.2</lt></range>
	<range><ge>16.9.0</ge><lt>16.9.4</lt></range>
	<range><lt>16.8.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/04/10/patch-release-gitlab-16-10-2-released/">
	  <p>Stored XSS injected in diff viewer</p>
	  <p>Stored XSS via autocomplete results</p>
	  <p>Redos on Integrations Chat Messages</p>
	  <p>Redos During Parse Junit Test Report</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-3092</cvename>
      <cvename>CVE-2024-2279</cvename>
      <cvename>CVE-2023-6489</cvename>
      <cvename>CVE-2023-6678</cvename>
      <url>https://about.gitlab.com/releases/2024/04/10/patch-release-gitlab-16-10-2-released/</url>
    </references>
    <dates>
      <discovery>2024-04-10</discovery>
      <entry>2024-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="ea4a2dfc-f761-11ee-af2c-589cfc0f81b0">
    <topic>wordpress -- XSS</topic>
    <affects>
      <package>
	<name>wordpress</name>
	<name>fr-wordpress-fr_FR</name>
	<range><ge>6.5.0,1</ge><lt>6.5.1,1</lt></range>
	<range><lt>6.4.4,1</lt></range>
      </package>
      <package>
	<name>ru-wordpress-ru_RU</name>
	<name>ja-wordpress-ja</name>
	<name>zh-wordpress-zh_CN</name>
	<name>zh-wordpress-zh_TW</name>
	<name>de-wordpress-de_DE</name>
	<range><ge>6.5.0</ge><lt>6.5.1</lt></range>
	<range><lt>6.4.4</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Wordpress team reports:</p>
	<blockquote cite="https://wordpress.org/documentation/wordpress-version/version-6-4-4/">
	  <p>A cross-site scripting (XSS) vulnerability affecting the Avatar block type</p>
	</blockquote>
	</body>
    </description>
    <references>
      <url>https://wordpress.org/documentation/wordpress-version/version-6-4-4/</url>
    </references>
    <dates>
      <discovery>2024-04-09</discovery>
      <entry>2024-04-10</entry>
    </dates>
  </vuln>

  <vuln vid="8e6f684b-f333-11ee-a573-84a93843eb75">
    <topic>Apache httpd -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>apache24</name>
	<range><lt>2.4.59</lt></range>
      </package>
      <package>
	<name>mod_http2</name>
	<range><lt>2.0.27</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Apache httpd project reports:</p>
	<blockquote cite="https://downloads.apache.org/httpd/CHANGES_2.4.59">
	  <p>HTTP/2 DoS by memory exhaustion on endless continuation frames</p>
	  <p>HTTP Response Splitting in multiple modules</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-27316</cvename>
      <cvename>CVE-2024-24795</cvename>
      <cvename>CVE-2024-38709</cvename>
      <url>https://downloads.apache.org/httpd/CHANGES_2.4.59</url>
    </references>
    <dates>
      <discovery>2024-04-04</discovery>
      <entry>2024-04-05</entry>
    </dates>
  </vuln>

  <vuln vid="c2431c4e-622c-4d92-996d-d8b5258ae8c9">
    <topic>electron{27,28} -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.9</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.2.10</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.9">
	  <p>This update fixes the following vulnerabilities:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-2885.</li>
	    <li>Security: backported fix for CVE-2024-2883.</li>
	    <li>Security: backported fix for CVE-2024-2887.</li>
	    <li>Security: backported fix for CVE-2024-2886.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-2885</cvename>
      <url>https://github.com/advisories/GHSA-qccw-wmvp-8pv9</url>
      <cvename>CVE-2024-2883</cvename>
      <url>https://github.com/advisories/GHSA-gg9c-7j6m-3qq2</url>
      <cvename>CVE-2024-2887</cvename>
      <url>https://github.com/advisories/GHSA-q75f-2pp5-9phj</url>
      <cvename>CVE-2024-2886</cvename>
      <url>https://github.com/advisories/GHSA-5pj4-f8gh-j3mr</url>
    </references>
    <dates>
      <discovery>2024-04-03</discovery>
      <entry>2024-04-05</entry>
    </dates>
  </vuln>

  <vuln vid="4a026b6c-f2b8-11ee-8e76-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>123.0.6312.105</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>123.0.6312.105</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html">
	 <p>This update includes 3 security fixes:</p>
	 <ul>
	    <li>[329130358] High CVE-2024-3156: Inappropriate implementation in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-03-12</li>
	    <li>[329965696] High CVE-2024-3158: Use after free in Bookmarks. Reported by undoingfish on 2024-03-17</li>
	    <li>[330760873] High CVE-2024-3159: Out of bounds memory access in V8. Reported by Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) of Palo Alto Networks, via Pwn2Own 2024 on 2024-03-22</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-3156</cvename>
      <cvename>CVE-2024-3158</cvename>
      <cvename>CVE-2024-3159</cvename>
      <url>https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html</url>
    </references>
    <dates>
      <discovery>2024-04-02</discovery>
      <entry>2024-04-04</entry>
    </dates>
  </vuln>

  <vuln vid="57561cfc-f24b-11ee-9730-001fc69cd6dc">
    <topic>xorg server -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>xorg-server</name>
	<name>xephyr</name>
	<name>xorg-vfbserver</name>
	<range><lt>21.1.12,1</lt></range>
      </package>
      <package>
	<name>xorg-nextserver</name>
	<range><lt>21.1.12,2</lt></range>
      </package>
      <package>
	<name>xwayland</name>
	<range><lt>23.2.5</lt></range>
      </package>
      <package>
	<name>xwayland-devel</name>
	<range><ge>21.0.99.1.672</ge><lt>21.0.99.1.841_1</lt></range>
	<range><lt>21.0.99.1.671_1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The X.Org project reports:</p>
	<blockquote cite="https://lists.x.org/archives/xorg-announce/2024-April/003497.html">
	  <ul>
	    <li>
	      CVE-2024-31080: Heap buffer overread/data leakage in
	      ProcXIGetSelectedEvents

	      <p>The ProcXIGetSelectedEvents() function uses the byte-swapped
	      length of the return data for the amount of data to return to
	      the client, if the client has a different endianness than
	      the X server.</p>
	    </li>
	    <li>CVE-2024-31081: Heap buffer overread/data leakage in
	    ProcXIPassiveGrabDevice

	    <p>The ProcXIPassiveGrabDevice() function uses the byte-swapped
	    length of the return data for the amount of data to return to
	    the client, if the client has a different endianness than
	    the X server.</p>
	    </li>

	    <li>CVE-2024-31083: User-after-free in ProcRenderAddGlyphs

	    <p>The ProcRenderAddGlyphs() function calls the AllocateGlyph()
	    function to store new glyphs sent by the client to the X server.
	    AllocateGlyph() would return a new glyph with refcount=0 and
	    a re-used glyph would end up not changing the refcount at all.
	    The resulting glyph_new array would thus have multiple entries
	    pointing to the same non-refcounted glyphs.

	    ProcRenderAddGlyphs() may free a glyph, resulting in a
	    use-after-free when the same glyph pointer is then later used.</p>
	    </li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-31080</cvename>
      <cvename>CVE-2024-31081</cvename>
      <cvename>CVE-2024-31083</cvename>
      <url>https://lists.x.org/archives/xorg-announce/2024-April/003497.html</url>
    </references>
    <dates>
      <discovery>2024-04-03</discovery>
      <entry>2024-04-04</entry>
    </dates>
  </vuln>

  <vuln vid="2e3bea0c-f110-11ee-bc57-00e081b7aa2d">
    <topic>jenkins -- HTTP/2 denial of service vulnerability in bundled Jetty</topic>
    <affects>
      <package>
	<name>jenkins</name>
	<range><lt>2.444</lt></range>
      </package>
      <package>
	<name>jenkins-lts</name>
	<range><lt>2.440.2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Jenkins Security Advisory:</p>
	<blockquote cite="https://www.jenkins.io/security/advisory/2024-03-20/">
	  <h1>Description</h1>
	  <h5>(High) SECURITY-3379 / CVE-2024-22201</h5>
	  <p>HTTP/2 denial of service vulnerability in bundled Jetty</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-22201</cvename>
      <url>https://www.jenkins.io/security/advisory/2024-03-20/</url>
    </references>
    <dates>
      <discovery>2024-03-20</discovery>
      <entry>2024-04-02</entry>
    </dates>
  </vuln>

  <vuln vid="d58726ff-ef5e-11ee-8d8e-080027a5b8e9">
    <topic>mediawiki -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>mediawiki139</name>
	<range><lt>1.39.7</lt></range>
      </package>
      <package>
	<name>mediawiki140</name>
	<range><lt>1.40.3</lt></range>
      </package>
      <package>
	<name>mediawiki141</name>
	<range><lt>1.41.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Mediawiki reports:</p>
	<blockquote cite="https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/V3WXEPXV2DU6WTVEKK4XHW4QXD5OFKD7/">
	  <p>(T355538, CVE-2024-PENDING) SECURITY: XSS in edit summary parser.</p>
	  <p>(T357760, CVE-2024-PENDING) SECURITY: Denial of service vector via GET
	    request to Special:MovePage on pages with thousands of subpages.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <url>https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/V3WXEPXV2DU6WTVEKK4XHW4QXD5OFKD7/</url>
    </references>
    <dates>
      <discovery>2024-03-15</discovery>
      <entry>2024-03-31</entry>
    </dates>
  </vuln>

  <vuln vid="bdcd041e-5811-4da3-9243-573a9890fdb1">
    <topic>electron{27,28} -- Object lifecycle issue in V8</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.8</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.2.9</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.8">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-2625.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-2625</cvename>
      <url>https://github.com/advisories/GHSA-j7h3-fcrw-g6j8</url>
    </references>
    <dates>
      <discovery>2024-03-28</discovery>
      <entry>2024-03-29</entry>
    </dates>
  </vuln>

  <vuln vid="d2992bc2-ed18-11ee-96dc-001b217b3468">
    <topic>Gitlab -- vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>16.10.0</ge><lt>16.10.1</lt></range>
	<range><ge>16.9.0</ge><lt>16.9.3</lt></range>
	<range><lt>16.8.5</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/03/27/security-release-gitlab-16-10-1-released/">
	  <p>Stored-XSS injected in Wiki page via Banzai pipeline</p>
	  <p>DOS using crafted emojis</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6371</cvename>
      <cvename>CVE-2024-2818</cvename>
      <url>https://about.gitlab.com/releases/2024/03/27/security-release-gitlab-16-10-1-released/</url>
    </references>
    <dates>
      <discovery>2024-03-27</discovery>
      <entry>2024-03-28</entry>
    </dates>
  </vuln>

  <vuln vid="814af1be-ec63-11ee-8e76-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>123.0.6312.86</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>123.0.6312.86</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html">
	 <p>This update includes 7 security fixes:</p>
	 <ul>
	    <li>[327807820] Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim(@cassidy6564) on 2024-03-03</li>
	    <li>[328958020] High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11</li>
	    <li>[330575496] High CVE-2024-2886: Use after free in WebCodecs. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21</li>
	    <li>[330588502] High CVE-2024-2887: Type Confusion in WebAssembly. Reported by Manfred Paul, via Pwn2Own 2024 on 2024-03-21</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-2883</cvename>
      <cvename>CVE-2024-2885</cvename>
      <cvename>CVE-2024-2886</cvename>
      <cvename>CVE-2024-2887</cvename>
      <url>https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html</url>
    </references>
    <dates>
      <discovery>2024-03-26</discovery>
      <entry>2024-03-27</entry>
    </dates>
  </vuln>

  <vuln vid="8b3be705-eba7-11ee-99b3-589cfc0f81b0">
    <topic>phpmyfaq -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>phpmyfaq-php81</name>
	<name>phpmyfaq-php82</name>
	<name>phpmyfaq-php83</name>
	<range><lt>3.2.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>phpMyFAQ team reports:</p>
	<blockquote cite="https://www.phpmyfaq.de/security/advisory-2024-03-25">
	  <p>The phpMyFAQ Team has learned of multiple security issues that'd
	    been discovered in phpMyFAQ 3.2.5 and earlier. phpMyFAQ contains
	    cross-site scripting (XSS), SQL injection and bypass
	    vulnerabilities.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-mmh6-5cpf-2c72</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-hm8r-95g3-5hj9</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-48vw-jpf8-hwqh</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-2grw-mc9r-822r</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-6p68-36m6-392r</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-pwh2-fpfr-x5gf</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-q7g6-xfh2-vhpx</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-qgxx-4xv5-6hcw</url>
    </references>
    <dates>
      <discovery>2024-03-25</discovery>
      <entry>2024-03-26</entry>
    </dates>
  </vuln>

  <vuln vid="f661184a-eb90-11ee-92fc-1c697a616631">
    <topic>emacs -- multiple vulnerabilities</topic>
    <affects>
      <package>
       <name>emacs</name>
       <name>emacs-canna</name>
       <name>emacs-nox</name>
       <range><lt>29.3,3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>GNU Emacs developers report:</p>
	<blockquote cite="https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29.3">
	  <p>Emacs 29.3 is an emergency bugfix release intended to fix several security vulnerabilities.</p>
	<ul>
	  <li>Arbitrary Lisp code is no longer evaluated as part of turning on Org mode.  This is for security reasons, to avoid evaluating malicious Lisp code.</li>
	  <li>New buffer-local variable 'untrusted-content'.  When this is non-nil, Lisp programs should treat buffer contents with extra caution.</li>
	  <li>Gnus now treats inline MIME contents as untrusted.  To get back previous insecure behavior, 'untrusted-content' should be reset to nil in the buffer.</li>
	  <li>LaTeX preview is now by default disabled for email attachments.  To get back previous insecure behavior, set the variable 'org--latex-preview-when-risky' to a non-nil value.</li>
	  <li>Org mode now considers contents of remote files to be untrusted.  Remote files are recognized by calling 'file-remote-p'.</li>
	</ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-30202</cvename>
      <cvename>CVE-2024-30203</cvename>
      <cvename>CVE-2024-30204</cvename>
      <cvename>CVE-2024-30205</cvename>
      <url>https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29.3</url>
    </references>
    <dates>
      <discovery>2024-03-24</discovery>
      <entry>2024-03-26</entry>
    </dates>
  </vuln>

  <vuln vid="34f98d06-eb56-11ee-8007-6805ca2fa271">
    <topic>quiche -- Multiple Vulnerabilities</topic>
    <affects>
      <package>
       <name>quiche</name>
       <range><lt>0.20.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Quiche Releases reports:</p>
	<blockquote cite="https://github.com/cloudflare/quiche/releases/tag/0.20.1">
	 <p>This release includes 2 security fixes:</p>
	 <ul>
	  <li>
		CVE-2024-1410: Unbounded storage of information related to
		connection ID retirement, in quiche. Reported by Marten
		Seeman (@marten-seeman)
	  </li>
	  <li>
		CVE-2024-1765: Unlimited resource allocation by QUIC
		CRYPTO frames flooding in quiche. Reported by Marten
		Seeman (@marten-seeman)
	  </li>
	 </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1410</cvename>
      <cvename>CVE-2024-1765</cvename>
      <url>https://github.com/cloudflare/quiche/releases/tag/0.20.1</url>
    </references>
    <dates>
      <discovery>2024-03-12</discovery>
      <entry>2024-03-26</entry>
    </dates>
  </vuln>

  <vuln vid="80815c47-e84f-11ee-8e76-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>123.0.6312.58</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>123.0.6312.58</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html">
	 <p>This update includes 12 security fixes:</p>
	 <ul>
	    <li>[327740539] High CVE-2024-2625: Object lifecycle issue in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-03-01</li>
	    <li>[40945098] Medium CVE-2024-2626: Out of bounds read in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-22</li>
	    <li>[41493290] Medium CVE-2024-2627: Use after free in Canvas. Reported by Anonymous on 2024-01-21</li>
	    <li>[41487774] Medium CVE-2024-2628: Inappropriate implementation in Downloads. Reported by Ath3r1s on 2024-01-03</li>
	    <li>[41487721] Medium CVE-2024-2629: Incorrect security UI in iOS. Reported by Muneaki Nishimura (nishimunea) on 2024-01-02</li>
	    <li>[41481877] Medium CVE-2024-2630: Inappropriate implementation in iOS. Reported by James Lee (@Windowsrcer) on 2023-12-07</li>
	    <li>[41495878] Low CVE-2024-2631: Inappropriate implementation in iOS. Reported by Ramit Gangwar on 2024-01-29</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-2625</cvename>
      <cvename>CVE-2024-2626</cvename>
      <cvename>CVE-2024-2627</cvename>
      <cvename>CVE-2024-2628</cvename>
      <cvename>CVE-2024-2629</cvename>
      <cvename>CVE-2024-2630</cvename>
      <cvename>CVE-2024-2631</cvename>
      <url>https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html</url>
    </references>
    <dates>
      <discovery>2024-03-19</discovery>
      <entry>2024-03-22</entry>
    </dates>
  </vuln>

  <vuln vid="7a7129ef-e790-11ee-a1c0-0050569f0b83">
    <topic>security/shibboleth-idp -- CAS service SSRF</topic>
    <affects>
      <package>
	<name>shibboleth-idp</name>
	<range><ge>4.3.0</ge><lt>4.3.2</lt></range>
	<range><ge>5.0.0</ge><lt>5.1.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Shibboleth Developers report:</p>
	<blockquote cite="https://shibboleth.net/community/advisories/secadv_20240320.txt">
	  <p>The Identity Provider's CAS support relies on a function in the
	     Spring Framework to parse CAS service URLs and append the ticket
	     parameter.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <url>https://shibboleth.net/community/advisories/secadv_20240320.txt</url>
    </references>
    <dates>
      <discovery>2024-03-20</discovery>
      <entry>2024-03-21</entry>
    </dates>
  </vuln>

  <vuln vid="a8448963-e6f5-11ee-a784-dca632daf43b">
    <topic>databases/mongodb* -- Improper Certificate Validation</topic>
    <affects>
      <package>
	<name>mongodb44</name>
	<range><lt>4.4.29</lt></range>
      </package>
      <package>
	<name>mongodb50</name>
	<range><lt>5.0.25</lt></range>
      </package>
      <package>
	<name>mongodb60</name>
	<range><lt>6.0.14</lt></range>
      </package>
      <package>
	<name>mongodb70</name>
	<range><lt>7.0.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>MongoDB, Inc. reports:</p>
	<blockquote cite="https://jira.mongodb.org/browse/SERVER-72839">
	  <p>A security vulnerability was found where a server process
	  running MongoDB 3.2.6 or later will allow incoming connections
	  to skip peer certificate validation if the server process was
	  started with TLS enabled (net.tls.mode set to allowTLS,
	  preferTLS, or requireTLS) and without a net.tls.CAFile
	  configured (CVE-2024-1351).</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1351</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2024-1351</url>
    </references>
    <dates>
      <discovery>2024-03-07</discovery>
      <entry>2024-03-20</entry>
    </dates>
  </vuln>

  <vuln vid="05b7180b-e571-11ee-a1c0-0050569f0b83">
    <topic>www/varnish7 -- Denial of Service</topic>
    <affects>
      <package>
	<name>varnish7</name>
	<range><lt>7.4.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Varnish Development Team reports:</p>
	<blockquote cite="https://varnish-cache.org/security/VSV00014.html#vsv00014">
	<p>A denial of service attack can be performed on Varnish Cacher servers
	   that have the HTTP/2 protocol turned on. An attacker can let the
	   servers HTTP/2 connection control flow window run out of credits
	   indefinitely and prevent progress in the processing of streams,
	   retaining the associated resources.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-43622</cvename>
      <url>https://varnish-cache.org/security/VSV00014.html#vsv00014</url>
    </references>
    <dates>
      <discovery>2019-04-19</discovery>
      <entry>2024-03-18</entry>
    </dates>
  </vuln>

  <vuln vid="0a48e552-e470-11ee-99b3-589cfc0f81b0">
    <topic>amavisd-new -- multipart boundary confusion</topic>
    <affects>
      <package>
	<name>amavisd-new</name>
	<range><lt>2.12.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Amavis project reports:</p>
	<blockquote cite="https://gitlab.com/amavis/amavis/-/raw/v2.12.3/README_FILES/README.CVE-2024-28054">
	  <p>Emails which consist of multiple parts (`Content-Type: multipart/*`)
	  incorporate boundary information stating at which point one part ends and the
	  next part begins.</p>
	  <p>A boundary is announced by an Content-Type header's `boundary` parameter. To
	  our current knowledge, RFC2046 and RFC2045 do not explicitly specify how a
	  parser should handle multiple boundary parameters that contain conflicting
	  values. As a result, there is no canonical choice which of the values should or
	  should not be used for mime part decomposition.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-28054</cvename>
      <url>https://gitlab.com/amavis/amavis/-/raw/v2.12.3/README_FILES/README.CVE-2024-28054</url>
    </references>
    <dates>
      <discovery>2024-03-14</discovery>
      <entry>2024-03-17</entry>
    </dates>
  </vuln>

  <vuln vid="1ad3d264-e36b-11ee-9c27-40b034429ecf">
    <topic>typo3-{11,12} -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>typo3-11</name>
	<range><lt>11.5.35</lt></range>
      </package>
      <package>
	<name>typo3-12</name>
	<range><lt>12.4.11</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Typo3 developers reports:</p>
	<blockquote cite="https://typo3.org/article/typo3-1301-12411-and-11535-security-releases-published">
	  <p>All versions are security releases and contain important security fixes - read the corresponding security advisories here:</p>
	<ul>
	  <li>Path Traversal in TYPO3 File Abstraction Layer Storages CVE-2023-30451</li>
	  <li>Code Execution in TYPO3 Install Tool CVE-2024-22188</li>
	  <li>Information Disclosure of Hashed Passwords in TYPO3 Backend Forms CVE-2024-25118</li>
	  <li>Information Disclosure of Encryption Key in TYPO3 Install Tool CVE-2024-25119</li>
	  <li>Improper Access Control of Resources Referenced by t3:// URI Scheme CVE-2024-25120</li>
	  <li>Improper Access Control Persisting File Abstraction Layer Entities via Data Handler CVE-2024-25121</li>
	</ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-30451</cvename>
      <cvename>CVE-2024-22188</cvename>
      <cvename>CVE-2024-25118</cvename>
      <cvename>CVE-2024-25119</cvename>
      <cvename>CVE-2024-25120</cvename>
      <cvename>CVE-2024-25121</cvename>
      <url>https://typo3.org/article/typo3-1301-12411-and-11535-security-releases-published</url>
    </references>
    <dates>
      <discovery>2024-02-13</discovery>
      <entry>2024-03-16</entry>
    </dates>
  </vuln>

  <vuln vid="49dd9362-4473-48ae-8fac-e1b69db2dedf">
    <topic>electron{27,28} -- Out of bounds memory access in V8</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.6</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.2.7</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.6">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-2173.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-2173</cvename>
      <url>https://github.com/advisories/GHSA-6hhg-hj7x-7qv8</url>
    </references>
    <dates>
      <discovery>2024-03-13</discovery>
      <entry>2024-03-14</entry>
    </dates>
  </vuln>

  <vuln vid="b6dd9d93-e09b-11ee-92fc-1c697a616631">
    <topic>Intel CPUs -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>cpu-microcode-intel</name>
	<range><lt>20240312</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Intel reports:</p>
	<blockquote cite="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html">
	  <p>2024.1 IPU - Intel Processor Bus Lock Advisory</p>

	  <p>A potential security vulnerability in the bus lock regulator
	  mechanism for some Intel Processors may allow denial of service. Intel
	  is releasing firmware updates to mitigate this potential
	  vulnerability.</p>
	</blockquote>
	<blockquote cite="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html">
	  <p>2024.1 IPU - Intel Processor Return Predictions Advisory</p>

	  <p>A potential security vulnerability in some Intel Processors may
	  allow information disclosure.</p>
	</blockquote>
	<blockquote cite="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html">
	  <p>2024.1 IPU - Intel Atom Processor Advisory</p>

	  <p>A potential security vulnerability in some Intel Atom Processors
	  may allow information disclosure.</p>
	</blockquote>
	<blockquote cite="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html">
	  <p>2024.1 IPU - Intel Xeon Processor Advisory</p>

	  <p>A potential security vulnerability in some 3rd and 4th Generation
	  Intel Xeon Processors when using Intel Software Guard Extensions (SGX)
	  or Intel Trust Domain Extensions (TDX) may allow escalation of
	  privilege.</p>
	</blockquote>
	<blockquote cite="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html">
	  <p>2024.1 IPU OOB - Intel Xeon D Processor Advisory</p>

	  <p>A potential security vulnerability in some Intel Xeon D Processors
	  with Intel Software Guard Extensions (SGX) may allow information
	  disclosure.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-39368</cvename>
      <cvename>CVE-2023-38575</cvename>
      <cvename>CVE-2023-28746</cvename>
      <cvename>CVE-2023-22655</cvename>
      <cvename>CVE-2023-43490</cvename>
      <url>https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312</url>
    </references>
    <dates>
      <discovery>2023-03-12</discovery>
      <entry>2024-03-12</entry>
    </dates>
  </vuln>

  <vuln vid="6d31ef38-df85-11ee-abf1-6c3be5272acd">
    <topic>Grafana -- Data source permission escalation</topic>
    <affects>
      <package>
	<name>grafana</name>
	<range><ge>8.5.0</ge><lt>9.5.17</lt></range>
	<range><ge>10.0.0</ge><lt>10.0.12</lt></range>
	<range><ge>10.1.0</ge><lt>10.1.8</lt></range>
	<range><ge>10.2.0</ge><lt>10.2.5</lt></range>
	<range><ge>10.3.0</ge><lt>10.3.4</lt></range>
      </package>
      <package>
	<name>grafana9</name>
	<range><lt>9.5.17</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Grafana Labs reports:</p>
	<blockquote cite="https://grafana.com/blog/2024/03/07/grafana-security-release-medium-severity-security-fix-for-cve-2024-1442/">
	  <p>The vulnerability impacts Grafana Cloud and Grafana Enterprise instances,
	  and it is exploitable if a user who should not be able to access all data
	  sources is granted permissions to create a data source.</p>
	  <p>By default, only organization Administrators are allowed to create a data
	  source and have full access to all data sources. All other users need to be
	  explicitly granted permission to create a data source, which then means they
	  could exploit this vulnerability.</p>
	  <p>When a user creates a data source via the
	  <a href="https://grafana.com/docs/grafana/latest/developers/http_api/data_source/#create-a-data-source">API</a>,
	  they can specify data source UID. If the UID is set to an asterisk (*),
	  the user gains permissions to query, update, and delete all data sources
	  in the organization. The exploit, however, does not stretch across
	  organizations — to exploit the vulnerability in several organizations, a user
	  would need permissions to create data sources in each organization.</p>
	  <p>The vulnerability comes from a lack of UID validation. When evaluating
	  permissions, we interpret an asterisk (*) as a wild card for all resources.
	  Therefore, we should treat it as a reserved value, and not allow the creation
	  of a resource with the UID set to an asterisk.</p>
	  <p>The CVSS score for this vulnerability is
	  <a href="https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L&amp;version=3.1">6 Medium</a>.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1442</cvename>
      <url>https://grafana.com/security/security-advisories/cve-2024-1442/</url>
    </references>
    <dates>
      <discovery>2024-02-12</discovery>
      <entry>2024-03-11</entry>
      <modified>2024-03-26</modified>
    </dates>
  </vuln>

  <vuln vid="c2ad8700-de25-11ee-9190-84a93843eb75">
    <topic>Unbound -- Denial-of-Service vulnerability</topic>
    <affects>
      <package>
	<name>unbound</name>
	<range><gt>1.18.0</gt><lt>1.19.2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>NLNet Labs reports:</p>
	<blockquote cite="https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt">
	  <p>Unbound 1.18.0 introduced a feature that removes EDE records from
	    responses with size higher than the client's advertised buffer size.
	    Before removing all the EDE records however, it would try to see if
	    trimming the extra text fields on those records would result in an
	    acceptable size while still retaining the EDE codes. Due to an
	    unchecked condition, the code that trims the text of the EDE records
	    could loop indefinitely. This happens when Unbound would reply with
	    attached EDE information on a positive reply and the client's buffer
	    size is smaller than the needed space to include EDE records.

	    The vulnerability can only be triggered when the 'ede: yes' option
	    is used; non default configuration.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1931</cvename>
      <url>https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt</url>
    </references>
    <dates>
      <discovery>2024-03-07</discovery>
      <entry>2024-03-09</entry>
    </dates>
  </vuln>

  <vuln vid="e74da31b-276a-4a22-9772-17dd42b97559">
    <topic>electron{27,28} -- vulnerability in libxml2</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.5</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.2.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.5">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-25062.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-25062</cvename>
      <url>https://github.com/advisories/GHSA-x77r-6xxm-wjmx</url>
    </references>
    <dates>
      <discovery>2024-03-06</discovery>
      <entry>2024-03-07</entry>
    </dates>
  </vuln>

  <vuln vid="b2caae55-dc38-11ee-96dc-001b217b3468">
    <topic>Gitlab -- Vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>16.9.0</ge><lt>16.9.2</lt></range>
	<range><ge>16.8.0</ge><lt>16.8.4</lt></range>
	<range><ge>11.3.0</ge><lt>16.7.7</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/">
	  <p>Bypassing CODEOWNERS approval allowing to steal protected variables</p>
	  <p>Guest with manage group access tokens can rotate and see group access token with owner permissions</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0199</cvename>
      <cvename>CVE-2024-1299</cvename>
      <url>https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/</url>
    </references>
    <dates>
      <discovery>2024-03-06</discovery>
      <entry>2024-03-07</entry>
    </dates>
  </vuln>

  <vuln vid="b1b039ec-dbfc-11ee-9165-901b0e9408dc">
    <topic>go -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>go122</name>
	<range><lt>1.22.1</lt></range>
      </package>
      <package>
	<name>go121</name>
	<range><lt>1.21.8</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Go project reports reports:</p>
	<blockquote cite="https://go.dev/issue/65390">
	  <p>crypto/x509: Verify panics on certificates with an
	  unknown public key algorithm</p>
	  <p>Verifying a certificate chain which contains a
	  certificate with an unknown public key algorithm will
	  cause Certificate.Verify to panic.</p>
	</blockquote>
	<blockquote cite="https://go.dev/issue/65383">
	  <p>net/http: memory exhaustion in Request.ParseMultipartForm</p>
	  <p>When parsing a multipart form (either explicitly with
	  Request.ParseMultipartForm or implicitly with Request.FormValue,
	  Request.PostFormValue, or Request.FormFile), limits on the total
	  size of the parsed form were not applied to the memory consumed
	  while reading a single form line. This permitted a maliciously
	  crafted input containing very long lines to cause allocation of
	  arbitrarily large amounts of memory, potentially leading to memory
	  exhaustion.</p>
	</blockquote>
	<blockquote cite="https://go.dev/issue/65065">
	  <p>net/http, net/http/cookiejar: incorrect forwarding
	  of sensitive headers and cookies on HTTP redirect</p>
	  <p>When following an HTTP redirect to a domain which
	  is not a subdomain match or exact match of the initial
	  domain, an http.Client does not forward sensitive headers
	  such as "Authorization" or "Cookie". For example, a
	  redirect from foo.com to www.foo.com will forward the
	  Authorization header, but a redirect to bar.com will not.</p>
	</blockquote>
	<blockquote cite="https://go.dev/issue/65697">
	  <p>html/template: errors returned from MarshalJSON methods
	  may break template escaping</p>
	  <p>If errors returned from MarshalJSON methods contain user
	  controlled data, they may be used to break the contextual
	  auto-escaping behavior of the html/template package, allowing
	  for subsequent actions to inject unexpected content into
	  templates.</p>
	</blockquote>
	<blockquote cite="https://go.dev/issue/65083">
	  <p>net/mail: comments in display names are incorrectly handled</p>
	  <p>The ParseAddressList function incorrectly handles comments
	  (text within parentheses) within display names. Since this is a
	  misalignment with conforming address parsers, it can result in
	  different trust decisions being made by programs using different
	  parsers.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-45289</cvename>
      <cvename>CVE-2023-45290</cvename>
      <cvename>CVE-2024-24783</cvename>
      <cvename>CVE-2024-24784</cvename>
      <cvename>CVE-2024-24785</cvename>
      <url>https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg/m/46oA5yPABQAJ</url>
    </references>
    <dates>
      <discovery>2024-03-05</discovery>
      <entry>2024-03-06</entry>
    </dates>
  </vuln>

  <vuln vid="fd3401a1-b6df-4577-917a-2c22fee99d34">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>122.0.6261.111</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>122.0.6261.111</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html">
	 <p>This update includes 3 security fixes:</p>
	 <ul>
	    <li>[325893559] High CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9 on 2024-02-19</li>
	    <li>[325866363] High CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-19</li>
	    <li>[325936438] High CVE-2024-2176: Use after free in FedCM. Reported by Anonymous on 2024-02-20</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-2173</cvename>
      <cvename>CVE-2024-2174</cvename>
      <cvename>CVE-2024-2176</cvename>
      <url>https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html</url>
    </references>
    <dates>
      <discovery>2024-03-05</discovery>
      <entry>2024-03-06</entry>
    </dates>
  </vuln>

  <vuln vid="0ef3398e-da21-11ee-b23a-080027a5b8e9">
    <topic>Django -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>py39-django32</name>
	<name>py310-django32</name>
	<name>py311-django32</name>
	<range><lt>3.2.25</lt></range>
      </package>
      <package>
	<name>py39-django42</name>
	<name>py310-django42</name>
	<name>py311-django42</name>
	<range><lt>4.2.11</lt></range>
      </package>
      <package>
	<name>py310-django50</name>
	<name>py311-django50</name>
	<range><lt>5.0.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Django reports:</p>
	<blockquote cite="https://www.djangoproject.com/weblog/2024/mar/04/security-releases/">
	  <p>CVE-2024-27351: Potential regular expression denial-of-service in
	    django.utils.text.Truncator.words().</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-27351</cvename>
      <url>https://www.djangoproject.com/weblog/2024/mar/04/security-releases/</url>
    </references>
    <dates>
      <discovery>2024-02-25</discovery>
      <entry>2024-03-04</entry>
    </dates>
  </vuln>

  <vuln vid="77a6f1c9-d7d2-11ee-bb12-001b217b3468">
    <topic>NodeJS -- Vulnerabilities</topic>
    <affects>
      <package>
	<name>node</name>
	<range><ge>21.0.0</ge><lt>21.6.2</lt></range>
	<range><ge>20.0.0</ge><lt>20.11.1</lt></range>
	<range><ge>18.0.0</ge><lt>18.19.1</lt></range>
	<range><ge>16.0.0</ge><lt>16.20.3</lt></range>
      </package>
      <package>
	<name>node16</name>
	<range><ge>16.0.0</ge><lt>16.20.3</lt></range>
      </package>
      <package>
	<name>node18</name>
	<range><ge>18.0.0</ge><lt>18.19.1</lt></range>
      </package>
      <package>
	<name>node20</name>
	<range><ge>20.0.0</ge><lt>20.11.1</lt></range>
      </package>
      <package>
	<name>node21</name>
	<range><ge>21.0.0</ge><lt>21.6.2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Node.js reports:</p>
	<blockquote cite="https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#2024-02-14-version-20111-iron-lts-rafaelgss-prepared-by-marco-ippolito">
	  <p>Code injection and privilege escalation through Linux capabilities- (High)</p>
	  <p>http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)</p>
	  <p>Path traversal by monkey-patching Buffer internals- (High)</p>
	  <p>setuid() does not drop all privileges due to io_uring - (High)</p>
	  <p>Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)</p>
	  <p>Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)</p>
	  <p>Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)</p>
	  <p>Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-21892</cvename>
      <cvename>CVE-2024-22019</cvename>
      <cvename>CVE-2024-21896</cvename>
      <cvename>CVE-2024-22017</cvename>
      <cvename>CVE-2023-46809</cvename>
      <cvename>CVE-2024-21891</cvename>
      <cvename>CVE-2024-21890</cvename>
      <cvename>CVE-2024-22025</cvename>
      <url>https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#2024-02-14-version-20111-iron-lts-rafaelgss-prepared-by-marco-ippolito</url>
    </references>
    <dates>
      <discovery>2024-02-14</discovery>
      <entry>2024-03-01</entry>
    </dates>
  </vuln>

  <vuln vid="3567456a-6b17-41f7-ba7f-5cd3efb2b7c9">
    <topic>electron{27,28} -- Use after free in Mojo</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.4</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.2.5</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.4">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-1670.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1670</cvename>
      <url>https://github.com/advisories/GHSA-wjv4-j3hc-gxvv</url>
    </references>
    <dates>
      <discovery>2024-02-28</discovery>
      <entry>2024-02-29</entry>
    </dates>
  </vuln>

  <vuln vid="31bb1b8d-d6dc-11ee-86bb-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>122.0.6261.94</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>122.0.6261.94</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html">
	 <p>This update includes 4 security fixes:</p>
	 <ul>
	    <li>[324596281] High CVE-2024-1938: Type Confusion in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-11</li>
	    <li>[323694592] High CVE-2024-1939: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2024-02-05</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-1938</cvename>
      <cvename>CVE-2024-1939</cvename>
      <url>https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html</url>
    </references>
    <dates>
      <discovery>2024-02-27</discovery>
      <entry>2024-02-29</entry>
    </dates>
  </vuln>

  <vuln vid="3dada2d5-4e17-4e39-97dd-14fdbd4356fb">
    <topic>null -- Routinator terminates when RTR connection is reset too quickly after opening</topic>
    <affects>
      <package>
       <name>null</name>
       <range><lt>null</lt></range>
      </package>
    </affects>
    <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
       <p>sep@nlnetlabs.nl reports:</p>
       <blockquote cite="https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt">
       <p>Due to a mistake in error checking, Routinator will terminate when
       an incoming RTR connection is reset by the peer too quickly after
       opening.</p>
       </blockquote>
       </body>
    </description>
    <references>
      <cvename>CVE-2024-1622</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2024-1622</url>
    </references>
    <dates>
      <discovery>2024-02-26</discovery>
      <entry>2024-02-28</entry>
    </dates>
  </vuln>

  <vuln vid="02e33cd1-c655-11ee-8613-08002784c58d">
    <topic>curl -- OCSP verification bypass with TLS session reuse</topic>
    <affects>
      <package>
	<name>curl</name>
	<range><lt>8.6.0</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Hiroki Kurosawa reports:</p>
	<blockquote cite="https://curl.se/docs/CVE-2024-0853.html">
	  <p>
	    curl inadvertently kept the SSL session ID for connections
	    in its cache even when the verify status (OCSP stapling)
	    test failed. A subsequent transfer to the same hostname
	    could then succeed if the session ID cache was still
	    fresh, which then skipped the verify status check.
	  </p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0853</cvename>
      <url>https://curl.se/docs/CVE-2024-0853.html</url>
    </references>
    <dates>
      <discovery>2024-01-31</discovery>
      <entry>2024-02-28</entry>
    </dates>
  </vuln>

  <vuln vid="5ecfb588-d2f4-11ee-ad82-dbdfaa8acfc2">
    <topic>gitea -- Fix XSS vulnerabilities</topic>
    <affects>
      <package>
	<name>gitea</name>
	<range><lt>1.21.6</lt></range>
      </package>
    </affects>
    <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
       <h1>Problem Description:</h1>
       <ul>
       <li>The Wiki page did not sanitize author name</li>
       <li>the reviewer name on a "dismiss review" comment is also affected</li>
       <li>the migration page has some spots</li>
       </ul>
      </body>
    </description>
    <references>
      <url>https://blog.gitea.com/release-of-1.21.6/</url>
    </references>
    <dates>
      <discovery>2024-02-23</discovery>
      <entry>2024-02-24</entry>
    </dates>
  </vuln>

  <vuln vid="2a470712-d351-11ee-86bb-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>122.0.6261.57</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>122.0.6261.57</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html">
	 <p>This update includes 12 security fixes:</p>
	 <ul>
	    <li>[41495060] High CVE-2024-1669: Out of bounds memory access in Blink. Reported by Anonymous on 2024-01-26</li>
	    <li>[41481374] High CVE-2024-1670: Use after free in Mojo. Reported by Cassidy Kim(@cassidy6564) on 2023-12-06</li>
	    <li>[41487933] Medium CVE-2024-1671: Inappropriate implementation in Site Isolation. Reported by Harry Chen on 2024-01-03</li>
	    <li>[41485789] Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy. Reported by Georg Felber (TU Wien) &amp; Marco Squarcina (TU Wien) on 2023-12-19</li>
	    <li>[41490491] Medium CVE-2024-1673: Use after free in Accessibility. Reported by Weipeng Jiang (@Krace) of VRI on 2024-01-11</li>
	    <li>[40095183] Medium CVE-2024-1674: Inappropriate implementation in Navigation. Reported by David Erceg on 2019-05-27</li>
	    <li>[41486208] Medium CVE-2024-1675: Insufficient policy enforcement in Download. Reported by Bartłomiej Wacko on 2023-12-21</li>
	    <li>[40944847] Low CVE-2024-1676: Inappropriate implementation in Navigation. Reported by Khalil Zhani on 2023-11-21</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <url>https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html</url>
    </references>
    <dates>
      <discovery>2024-02-20</discovery>
      <entry>2024-02-24</entry>
    </dates>
  </vuln>

  <vuln vid="6a851dc0-cfd2-11ee-ac09-6c3be5272acd">
    <topic>Grafana -- Email verification is not required after email change</topic>
    <affects>
      <package>
	<name>grafana</name>
	<range><lt>9.5.16</lt></range>
	<range><ge>10.0.0</ge><lt>10.0.11</lt></range>
	<range><ge>10.1.0</ge><lt>10.1.7</lt></range>
	<range><ge>10.2.0</ge><lt>10.2.4</lt></range>
	<range><ge>10.3.0</ge><lt>10.3.3</lt></range>
      </package>
      <package>
	<name>grafana9</name>
	<range><lt>9.5.16</lt></range>
      </package>
      <package>
	<name>grafana10</name>
	<range><lt>10.0.11</lt></range>
	<range><ge>10.1.0</ge><lt>10.1.7</lt></range>
	<range><ge>10.2.0</ge><lt>10.2.4</lt></range>
	<range><ge>10.3.0</ge><lt>10.3.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Grafana Labs reports:</p>
	<blockquote cite="https://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/">
	  <p>The vulnerability impacts instances where
	  <a href="https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/grafana/">
	  Grafana basic authentication</a> is enabled.</p>
	  <p>Grafana has a
	  <a href="https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#verify_email_enabled">
	  verify_email_enabled</a> configuration option. When this option is enabled,
	  users are required to confirm their email addresses before the sign-up process
	  is complete. However, the email is only checked at the time of the sign-up.
	  No further verification is carried out if a user’s email address is updated
	  after the initial sign-up. Moreover, Grafana allows using an email address
	  as the user’s login name, and no verification is ever carried out for this email
	  address.</p>
	  <p>This means that even if the
	  <a href="https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#verify_email_enabled">
	  verify_email_enabled</a> configuration option is enabled, users can use
	  unverified email addresses to log into Grafana if the email address
	  has been changed after the sign up, or if an email address is set as the login
	  name.</p>
	  <p>The CVSS score for this vulnerability is [5.4 Medium] (CVSS).</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6152</cvename>
      <url>https://grafana.com/security/security-advisories/cve-2023-6152/</url>
    </references>
    <dates>
      <discovery>2023-11-10</discovery>
      <entry>2024-02-20</entry>
    </dates>
  </vuln>

  <vuln vid="255bf44c-d298-11ee-9c27-40b034429ecf">
    <topic>dns/c-ares -- malformatted file causes application crash</topic>
    <affects>
      <package>
	<name>c-ares</name>
	<range><lt>1.27.0</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>c-ares project reports:</p>
	<blockquote cite="https://c-ares.org/changelog.html">
	  <p>Reading malformatted /etc/resolv.conf, /etc/nsswitch.conf or the HOSTALIASES file could result in a crash.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-25629</cvename>
      <url>https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q</url>
    </references>
    <dates>
      <discovery>2024-02-23</discovery>
      <entry>2024-02-23</entry>
    </dates>
  </vuln>

  <vuln vid="979dc373-d27d-11ee-8b84-b42e991fc52e">
    <topic>suricata -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>suricata</name>
	<range><lt>7.0.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Suricata team reports:</p>
	<blockquote cite="https://suricata.io/2024/02/08/suricata-7-0-3-and-6-0-16-released/">
	  <p>Multiple vulnerabilities fixed in the last release of suricata.</p>
	</blockquote>
	<p>No details have been disclosed yet</p>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-23839</cvename>
      <cvename>CVE-2024-23836</cvename>
      <cvename>CVE-2024-23835</cvename>
      <cvename>CVE-2024-24568</cvename>
      <cvename>CVE-2024-23837</cvename>
    </references>
    <dates>
      <discovery>2024-01-22</discovery>
      <entry>2024-02-23</entry>
    </dates>
  </vuln>

  <vuln vid="80ad6d6c-b398-457f-b88f-bf6be0bbad44">
    <topic>electron27 -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.3.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.3.3">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-1283.</li>
	    <li>Security: backported fix for CVE-2024-1284.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1283</cvename>
      <url>https://github.com/advisories/GHSA-7mgj-p9v3-3vxr</url>
      <cvename>CVE-2024-1284</cvename>
      <url>https://github.com/advisories/GHSA-pf89-rhhw-xmhp</url>
    </references>
    <dates>
      <discovery>2024-02-21</discovery>
      <entry>2024-02-23</entry>
    </dates>
  </vuln>

  <vuln vid="03bf5157-d145-11ee-acee-001b217b3468">
    <topic>Gitlab -- Vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>16.9.0</ge><lt>16.9.1</lt></range>
	<range><ge>16.8.0</ge><lt>16.8.3</lt></range>
	<range><ge>11.3.0</ge><lt>16.7.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/02/21/security-release-gitlab-16-9-1-released/">
	  <p>Stored-XSS in user's profile page</p>
	  <p>User with "admin_group_members" permission can invite other groups to gain owner access</p>
	  <p>ReDoS issue in the Codeowners reference extractor</p>
	  <p>LDAP user can reset password using secondary email and login using direct authentication</p>
	  <p>Bypassing group ip restriction settings to access environment details of projects through Environments/Operations Dashboard</p>
	  <p>Users with the Guest role can change Custom dashboard projects settings for projects in the victim group</p>
	  <p>Group member with sub-maintainer role can change title of shared private deploy keys</p>
	  <p>Bypassing approvals of CODEOWNERS</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1451</cvename>
      <cvename>CVE-2023-6477</cvename>
      <cvename>CVE-2023-6736</cvename>
      <cvename>CVE-2024-1525</cvename>
      <cvename>CVE-2023-4895</cvename>
      <cvename>CVE-2024-0861</cvename>
      <cvename>CVE-2023-3509</cvename>
      <cvename>CVE-2024-0410</cvename>
      <url>https://about.gitlab.com/releases/2024/02/21/security-release-gitlab-16-9-1-released/</url>
    </references>
    <dates>
      <discovery>2024-02-21</discovery>
      <entry>2024-02-22</entry>
    </dates>
  </vuln>

  <vuln vid="e15ba624-cca8-11ee-84ca-b42e991fc52e">
    <topic>powerdns-recursor -- Multiple Vulnerabilities</topic>
    <affects>
      <package>
	<name>powerdns-recursor</name>
	<range><lt>5.0.2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>cve@mitre.org reports:</p>
	<blockquote cite="https://access.redhat.com/security/cve/CVE-2023-50868">
	  <p>CVE-2023-50868: The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155
	  when RFC 9276 guidance is skipped) allows remote attackers to cause
	  a denial of service (CPU consumption for SHA-1 computations) via
	    DNSSEC responses in a random subdomain attack, aka the &quot;NSEC3&quot;
	  issue.  The RFC 5155 specification implies that an algorithm must
	  perform thousands of iterations of a hash function in certain
	situations.</p>
      <p>CVE-2023-50387: Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035,
      6840, and related RFCs) allow remote attackers to cause a denial
      of service (CPU consumption) via one or more DNSSEC responses, aka
      the &quot;KeyTrap&quot; issue.  One of the concerns is that, when
      there is a zone with many DNSKEY and RRSIG records, the protocol
      specification implies that an algorithm must evaluate all combinations
	of DNSKEY and RRSIG records.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-50868</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-50868</url>
      <cvename>CVE-2023-50387</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-50387</url>
    </references>
    <dates>
      <discovery>2024-02-14</discovery>
      <entry>2024-02-16</entry>
    </dates>
  </vuln>

  <vuln vid="c97a4ecf-cc25-11ee-b0ee-0050569f0b83">
    <topic>nginx-devel -- Multiple Vulnerabilities in HTTP/3</topic>
    <affects>
      <package>
	<name>nginx-devel</name>
	<range><ge>1.25.0</ge><lt>1.25.4</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The nginx development team reports:</p>
	<blockquote cite="http://nginx.org/en/security_advisories.html">
	  <p>When using HTTP/3 a segmentation fault might occur in a
	  worker process while processing a specially crafted QUIC session.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-24989</cvename>
      <cvename>CVE-2024-24990</cvename>
    </references>
    <dates>
      <discovery>2024-02-14</discovery>
      <entry>2024-02-15</entry>
    </dates>
  </vuln>

  <vuln vid="46a29f83-cb47-11ee-b609-002590c1f29c">
    <topic>FreeBSD -- jail(2) information leak</topic>
    <affects>
      <package>
	<name>FreeBSD-kernel</name>
	<range><ge>14.0</ge><lt>14.0_5</lt></range>
	<range><ge>13.2</ge><lt>13.2_10</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<h1>Problem Description:</h1>
	<p>The jail(2) system call has not limited a visiblity of allocated
	TTYs (the kern.ttys sysctl).  This gives rise to an information
	leak about processes outside the current jail.</p>
	<h1>Impact:</h1>
	<p>Attacker can get information about TTYs allocated on the host
	or in other jails.  Effectively, the information printed by "pstat
	-t" may be leaked.</p>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-25941</cvename>
      <freebsdsa>SA-24:02.tty</freebsdsa>
    </references>
    <dates>
      <discovery>2024-02-14</discovery>
      <entry>2024-02-14</entry>
    </dates>
  </vuln>

  <vuln vid="c62285cb-cb46-11ee-b609-002590c1f29c">
    <topic>FreeBSD -- bhyveload(8) host file access</topic>
    <affects>
      <package>
	<name>FreeBSD</name>
	<range><ge>14.0</ge><lt>14.0_5</lt></range>
	<range><ge>13.2</ge><lt>13.2_10</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<h1>Problem Description:</h1>
	<p>`bhyveload -h &lt;host-path&gt;` may be used to grant loader access
	to the &lt;host-path&gt; directory tree on the host.  Affected versions
	of bhyveload(8) do not make any attempt to restrict loader's access
	to &lt;host-path&gt;, allowing the loader to read any file the host user
	has access to.</p>
	<h1>Impact:</h1>
	<p>In the bhyveload(8) model, the host supplies a userboot.so to
	boot with, but the loader scripts generally come from the guest
	image.  A maliciously crafted script could be used to exfiltrate
	sensitive data from the host accessible to the user running
	bhyhveload(8), which is often the system root.</p>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-25940</cvename>
      <freebsdsa>SA-24:01.bhyveload</freebsdsa>
    </references>
    <dates>
      <discovery>2024-02-14</discovery>
      <entry>2024-02-14</entry>
    </dates>
  </vuln>

  <vuln vid="4edbea45-cb0c-11ee-86bb-a8a1599412c6">
    <topic>chromium -- security fix</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>121.0.6167.184</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>121.0.6167.184</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_13.html">
	 <p>This update includes 1 security fix.</p>
       </blockquote>
      </body>
    </description>
    <references>
      <url>https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_13.html</url>
    </references>
    <dates>
      <discovery>2024-02-13</discovery>
      <entry>2024-02-14</entry>
    </dates>
  </vuln>

  <vuln vid="21a854cc-cac1-11ee-b7a7-353f1e043d9a">
    <topic>DNSSEC validators -- denial-of-service/CPU exhaustion from KeyTrap and NSEC3 vulnerabilities</topic>
    <affects>
      <package>
	<name>bind916</name>
	<range><lt>9.16.48</lt></range>
      </package>
      <package>
	<name>bind918</name>
	<range><lt>9.18.24</lt></range>
      </package>
      <package>
	<name>bind9-devel</name>
	<range><lt>9.19.21</lt></range>
      </package>
      <package>
	<name>dnsmasq</name>
	<range><lt>2.90</lt></range>
      </package>
      <package>
	<name>dnsmasq-devel</name>
	<range><lt>2.90</lt></range>
      </package>
      <package>
	<name>powerdns-recursor</name>
	<range><lt>5.0.2</lt></range>
      </package>
      <package>
	<name>unbound</name>
	<range><lt>1.19.1</lt></range>
      </package>
      <package>
	<name>FreeBSD</name>
	<range><ge>14.0</ge><lt>14.0_6</lt></range>
	<range><ge>13.2</ge><lt>13.2_11</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Simon Kelley reports:</p>
	<blockquote cite="https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html">
	  <p>If DNSSEC validation is enabled, then an attacker who can force a
	    DNS server to validate a specially crafted signed domain can use a
	    lot of CPU in the validator. This only affects dnsmasq installations
	    with DNSSEC enabled.</p>
	</blockquote>
	<p>Stichting NLnet Labs reports:</p>
	<blockquote cite="https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/">
	  <p>
	    The KeyTrap [CVE-2023-50387] vulnerability works by using a
	    combination of Keys (also colliding Keys), Signatures and number of
	    RRSETs on a malicious zone. Answers from that zone can force a
	    DNSSEC validator down a very CPU intensive and time costly
	    validation path.
	  </p>
	  <p>
	    The NSEC3 [CVE-2023-50868] vulnerability uses specially crafted responses on a
	    malicious zone with multiple NSEC3 RRSETs to force a DNSSEC
	    validator down a very CPU intensive and time costly NSEC3 hash
	    calculation path.
	  </p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-50387</cvename>
      <cvename>CVE-2023-50868</cvename>
      <url>https://kb.isc.org/docs/cve-2023-50387</url>
      <url>https://kb.isc.org/docs/cve-2023-50868</url>
      <url>https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html</url>
      <url>https://blog.powerdns.com/2024/02/13/powerdns-recursor-4-8-6-4-9-3-5-0-2-released</url>
      <url>https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/</url>
      <freebsdsa>SA-24:03.unbound</freebsdsa>
    </references>
    <dates>
      <discovery>2024-02-06</discovery>
      <entry>2024-02-13</entry>
      <modified>2024-04-01</modified>
    </dates>
  </vuln>

  <vuln vid="cbfc1591-c8c0-11ee-b45a-589cfc0f81b0">
    <topic>phpmyfaq -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>phpmyfaq-php81</name>
	<name>phpmyfaq-php82</name>
	<name>phpmyfaq-php83</name>
	<range><lt>3.2.5</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>phpMyFAQ team reports:</p>
	<blockquote cite="https://www.phpmyfaq.de/security/advisory-2024-02-05">
	  <p>phpMyFAQ doesn't implement sufficient checks to avoid XSS when
	    storing on attachments filenames. The 'sharing FAQ' functionality
	    allows any unauthenticated actor to misuse the phpMyFAQ application
	    to send arbitrary emails to a large range of targets. phpMyFAQ's
	    user removal page allows an attacker to spoof another user's
	    detail, and in turn make a compelling phishing case for removing
	    another user's account.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-7m8g-fprr-47fx</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9hhf-xmcw-r3xg</url>
      <url>https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-6648-6g96-mg35</url>
    </references>
    <dates>
      <discovery>2024-02-05</discovery>
      <entry>2024-02-11</entry>
    </dates>
  </vuln>

  <vuln vid="f161a5ad-c9bd-11ee-b7a7-353f1e043d9a">
    <topic>openexr -- Heap Overflow in Scanline Deep Data Parsing</topic>
    <affects>
      <package>
	<name>openexr</name>
	<range><lt>3.1.12</lt></range>
	<range><ge>3.2.0</ge><lt>3.2.2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Austin Hackers Anonymous report:</p>
	<blockquote cite="https://takeonme.org/cves/CVE-2023-5841.html">
	  <p>Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEXR image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability.</p>
	</blockquote>
	<blockquote cite="https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.2.2">
	  <p>[...] it is in a routine that is predominantly used for development and
	    testing. It is not likely to appear in production code.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-5841</cvename>
      <url>https://takeonme.org/cves/CVE-2023-5841.html</url>
      <url>https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.2.2</url>
    </references>
    <dates>
      <discovery>2023-10-26</discovery>
      <entry>2024-02-12</entry>
    </dates>
  </vuln>

  <vuln vid="388eefc0-c93f-11ee-92ce-4ccc6adda413">
    <topic>readstat -- Heap buffer overflow in readstat_convert</topic>
    <affects>
      <package>
	<name>readstat</name>
	<range><lt>1.1.9</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Google reports:</p>
	<blockquote cite="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33991">
	  <p>A heap buffer overflow exists in readstat_convert.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <url>https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33991</url>
      <url>https://osv.dev/vulnerability/OSV-2021-732</url>
      <url>https://github.com/WizardMac/ReadStat/issues/285</url>
    </references>
    <dates>
      <discovery>2021-05-05</discovery>
      <entry>2024-02-12</entry>
    </dates>
  </vuln>

  <vuln vid="cb22a9a6-c907-11ee-8d1c-40b034429ecf">
    <topic>p5-Spreadsheet-ParseExcel -- Remote Code Execution Vulnerability</topic>
    <affects>
      <package>
	<name>p5-Spreadsheet-ParseExcel</name>
	<range><lt>0.66</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Spreadsheet-ParseExcel reports:</p>
	<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2023-7101">
	  <p>
	    Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files.
	    Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability
	    due to passing unvalidated input from a file into a string-type eval "eval".
	    Specifically, the issue stems from the evaluation of Number format strings
	    (not to be confused with printf-style format strings) within the Excel parsing logic.
	  </p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-7101</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-7101</url>
    </references>
    <dates>
      <discovery>2023-12-29</discovery>
      <entry>2024-02-11</entry>
    </dates>
  </vuln>

  <vuln vid="19e6dd1b-c6a5-11ee-9cd0-6cc21735f730">
    <topic>postgresql-server -- non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL</topic>
    <affects>
      <package>
	<name>postgresql-server</name>
	<range><lt>15.6</lt></range>
	<range><lt>14.11</lt></range>
	<range><lt>13.14</lt></range>
	<range><lt>12.18</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>PostgreSQL Project reports:</p>
	<blockquote cite="https://www.postgresql.org/support/security/CVE-2024-0985/">
	  <p>
	    One step of a concurrent refresh command was run under
	    weak security restrictions. If a materialized view's
	    owner could persuade a superuser or other
	    high-privileged user to perform a concurrent refresh on
	    that view, the view's owner could control code executed
	    with the privileges of the user running REFRESH. The fix
	    for the vulnerability makes is so that all
	    user-determined code is run as the view's owner, as
	    expected.
	  </p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0985</cvename>
      <url>https://www.postgresql.org/support/security/CVE-2024-0985/</url>
    </references>
    <dates>
      <discovery>2024-02-08</discovery>
      <entry>2024-02-08</entry>
    </dates>
  </vuln>

  <vuln vid="6b2cba6a-c6a5-11ee-97d0-001b217b3468">
    <topic>Gitlab -- vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>16.8.0</ge><lt>16.8.2</lt></range>
	<range><ge>16.7.0</ge><lt>16.7.5</lt></range>
	<range><ge>13.3.0</ge><lt>16.6.7</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/02/07/security-release-gitlab-16-8-2-released/">
	  <p>Restrict group access token creation for custom roles</p>
	  <p>Project maintainers can bypass group's scan result policy block_branch_modification setting</p>
	  <p>ReDoS in CI/CD Pipeline Editor while verifying Pipeline syntax</p>
	  <p>Resource exhaustion using GraphQL vulnerabilitiesCountByDay</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-1250</cvename>
      <cvename>CVE-2023-6840</cvename>
      <cvename>CVE-2023-6386</cvename>
      <cvename>CVE-2024-1066</cvename>
      <url>https://about.gitlab.com/releases/2024/02/07/security-release-gitlab-16-8-2-released/</url>
    </references>
    <dates>
      <discovery>2024-02-07</discovery>
      <entry>2024-02-08</entry>
    </dates>
  </vuln>

  <vuln vid="33ba2241-c68e-11ee-9ef3-001999f8d30b">
    <topic>Composer -- Code execution and possible privilege escalation</topic>
    <affects>
      <package>
	<name>php81-composer</name>
	<range><lt>2.7.0</lt></range>
      </package>
      <package>
	<name>php82-composer</name>
	<range><lt>2.7.0</lt></range>
      </package>
      <package>
	<name>php83-composer</name>
	<range><lt>2.7.0</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Copmposer reports:</p>
	<blockquote cite="https://github.com/composer/composer/security/advisories/GHSA-7c6p-848j-wh5h">
	  <p>Code execution and possible privilege escalation via
	  compromised InstalledVersions.php or installed.php.</p>
	  <p>Several files within the local working directory are
	  included during the invocation of Composer and in the
	  context of the executing user.</p>
	  <p>As such, under certain conditions arbitrary code
	  execution may lead to local privilege escalation, provide
	  lateral user movement or malicious code execution when
	  Composer is invoked within a directory with tampered
	  files.</p>
	  <p>All Composer CLI commands are affected, including
	  composer.phar's self-update.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-24821</cvename>
      <url>https://github.com/composer/composer/security/advisories/GHSA-7c6p-848j-wh5h</url>
    </references>
    <dates>
      <discovery>2024-02-08</discovery>
      <entry>2024-02-08</entry>
    </dates>
  </vuln>

  <vuln vid="43768ff3-c683-11ee-97d0-001b217b3468">
    <topic>Libgit2 -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>eza</name>
	<range><lt>0.18.2</lt></range>
      </package>
      <package>
	<name>libgit2</name>
	<range><ge>1.7.0</ge><lt>1.7.2</lt></range>
	<range><lt>1.6.5</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Git community reports:</p>
	<blockquote cite="https://github.com/libgit2/libgit2/releases/tag/v1.7.2">
	  <p>A bug in git_revparse_single is fixed that could have caused the function to enter an infinite loop given well-crafted inputs, potentially causing a Denial of Service attack in the calling application</p>
	  <p>A bug in git_revparse_single is fixed that could have caused the function to enter an infinite loop given well-crafted inputs, potentially causing a Denial of Service attack in the calling application</p>
	  <p>A bug in the smart transport negotiation could have caused an out-of-bounds read when a remote server did not advertise capabilities</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-24577</cvename>
      <url>https://github.com/libgit2/libgit2/releases/tag/v1.7.2</url>
    </references>
    <dates>
      <discovery>2024-02-06</discovery>
      <entry>2024-02-08</entry>
      <modified>2024-02-14</modified>
    </dates>
  </vuln>

  <vuln vid="19047673-c680-11ee-86bb-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>121.0.6167.160</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>121.0.6167.160</lt></range>
      </package>
      <package>
       <name>qt5-webengine</name>
       <range><lt>5.15.16.p5_5</lt></range>
      </package>
      <package>
       <name>qt6-webengine</name>
       <range><lt>6.6.1_5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html">
	 <p>This update includes 3 security fixes:</p>
	 <ul>
	    <li>[41494539] High CVE-2024-1284: Use after free in Mojo. Reported by Anonymous on 2024-01-25</li>
	    <li>[41494860] High CVE-2024-1283: Heap buffer overflow in Skia. Reported by Jorge Buzeti (@r3tr074) on 2024-01-25</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-1284</cvename>
      <cvename>CVE-2024-1283</cvename>
      <url>https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html</url>
    </references>
    <dates>
      <discovery>2024-02-06</discovery>
      <entry>2024-02-08</entry>
    </dates>
  </vuln>

  <vuln vid="68ae70c5-c5e5-11ee-9768-08002784c58d">
    <topic>clamav -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>clamav</name>
	<range><lt>1.2.2,1</lt></range>
      </package>
      <package>
	<name>clamav-lts</name>
	<range><lt>1.0.5,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The ClamAV project reports:</p>
	<blockquote cite="https://blog.clamav.net/2023/11/clamav-130-122-105-released.html">
	  <dl>
	    <dt>CVE-2024-20290</dt>
	    <dd>
	      A vulnerability in the OLE2 file format parser of ClamAV
	      could allow an unauthenticated, remote attacker to cause
	      a denial of service (DoS) condition on an affected
	      device. This vulnerability is due to an incorrect check
	      for end-of-string values during scanning, which may
	      result in a heap buffer over-read. An attacker could
	      exploit this vulnerability by submitting a crafted file
	      containing OLE2 content to be scanned by ClamAV on an
	      affected device. A successful exploit could allow the
	      attacker to cause the ClamAV scanning process to
	      terminate, resulting in a DoS condition on the affected
	      software and consuming available system resources.
	    </dd>
	    <dt>CVE-2024-20328</dt>
	    <dd>
	      Fixed a possible command injection vulnerability in the
	      &quot;VirusEvent&quot; feature of ClamAV's ClamD
	      service. To fix this issue, we disabled the '%f' format
	      string parameter.	 ClamD administrators may continue to
	      use the `CLAM_VIRUSEVENT_FILENAME` environment variable,
	      instead of '%f'. But you should do so only from within
	      an executable, such as a Python script, and not directly
	      in the clamd.conf &quot;VirusEvent&quot; command.
	    </dd>
	  </dl>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-20290</cvename>
      <cvename>CVE-2024-20328</cvename>
      <url>https://blog.clamav.net/2023/11/clamav-130-122-105-released.html</url>
    </references>
    <dates>
      <discovery>2024-02-07</discovery>
      <entry>2024-02-07</entry>
    </dates>
  </vuln>

  <vuln vid="e0f6215b-c59e-11ee-a6db-080027a5b8e9">
    <topic>Django -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>py39-django32</name>
	<name>py310-django32</name>
	<name>py311-django32</name>
	<range><lt>3.2.24</lt></range>
      </package>
      <package>
	<name>py39-django42</name>
	<name>py310-django42</name>
	<name>py311-django42</name>
	<range><lt>4.2.8</lt></range>
      </package>
      <package>
	<name>py311-django50</name>
	<range><lt>5.0.2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Django reports:</p>
	<blockquote cite="https://www.djangoproject.com/weblog/2024/feb/06/security-releases/">
	  <p>CVE-2024-24680:Potential denial-of-service in intcomma template filter.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-24680</cvename>
      <url>https://www.djangoproject.com/weblog/2024/feb/06/security-releases/</url>
    </references>
    <dates>
      <discovery>2024-01-09</discovery>
      <entry>2024-02-07</entry>
    </dates>
  </vuln>

  <vuln vid="dc9e5237-c197-11ee-86bb-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>121.0.6167.139</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>121.0.6167.139</lt></range>
      </package>
      <package>
       <name>qt5-webengine</name>
       <range><lt>5.15.16.p5_5</lt></range>
      </package>
      <package>
       <name>qt6-webengine</name>
       <range><lt>6.6.1_5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html">
	 <p>This update includes 4 security fixes:</p>
	 <ul>
	    <li>[1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14</li>
	    <li>[1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29</li>
	    <li>[1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-1060</cvename>
      <cvename>CVE-2024-1059</cvename>
      <cvename>CVE-2024-1077</cvename>
      <url>https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html</url>
    </references>
    <dates>
      <discovery>2024-01-30</discovery>
      <entry>2024-02-02</entry>
    </dates>
  </vuln>

  <vuln vid="72d6d757-c197-11ee-86bb-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>121.0.6167.85</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>121.0.6167.85</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html">
	 <p>This update includes 17 security fixes:</p>
	 <ul>
	    <li>[1484394] High CVE-2024-0812: Inappropriate implementation in Accessibility. Reported by Anonymous on 2023-09-19</li>
	    <li>[1504936] High CVE-2024-0808: Integer underflow in WebUI. Reported by Lyra Rebane (rebane2001) on 2023-11-24</li>
	    <li>[1496250] Medium CVE-2024-0810: Insufficient policy enforcement in DevTools. Reported by Shaheen Fazim on 2023-10-26</li>
	    <li>[1463935] Medium CVE-2024-0814: Incorrect security UI in Payments. Reported by Muneaki Nishimura (nishimunea) on 2023-07-11</li>
	    <li>[1477151] Medium CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01 on 2023-08-30</li>
	    <li>[1505176] Medium CVE-2024-0806: Use after free in Passwords. Reported by 18楼梦想改造家 on 2023-11-25</li>
	    <li>[1514925] Medium CVE-2024-0805: Inappropriate implementation in Downloads. Reported by Om Apip on 2024-01-01</li>
	    <li>[1515137] Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India)  on 2024-01-03</li>
	    <li>[1494490] Low CVE-2024-0811: Inappropriate implementation in Extensions API. Reported by Jann Horn of Google Project Zero on 2023-10-21</li>
	    <li>[1497985] Low CVE-2024-0809: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-10-31</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-0812</cvename>
      <cvename>CVE-2024-0808</cvename>
      <cvename>CVE-2024-0810</cvename>
      <cvename>CVE-2024-0814</cvename>
      <cvename>CVE-2024-0813</cvename>
      <cvename>CVE-2024-0806</cvename>
      <cvename>CVE-2024-0805</cvename>
      <cvename>CVE-2024-0804</cvename>
      <cvename>CVE-2024-0811</cvename>
      <cvename>CVE-2024-0809</cvename>
      <url>https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html</url>
    </references>
    <dates>
      <discovery>2024-01-23</discovery>
      <entry>2024-02-02</entry>
    </dates>
  </vuln>

  <vuln vid="13a8c4bf-cb2b-48ec-b49c-a3875c72b3e8">
    <topic>electron{26,27,28} -- Use after free in Web Audio</topic>
    <affects>
      <package>
	<name>electron26</name>
	<range><lt>26.6.8</lt></range>
      </package>
      <package>
	<name>electron27</name>
	<range><lt>27.3.1</lt></range>
      </package>
      <package>
	<name>electron28</name>
	<range><lt>28.2.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers reports:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v26.6.8">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-0807.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0807</cvename>
      <url>https://github.com/advisories/GHSA-hjm7-v5pw-x89r</url>
    </references>
    <dates>
      <discovery>2024-01-31</discovery>
      <entry>2024-02-01</entry>
    </dates>
  </vuln>

  <vuln vid="bbcb1584-c068-11ee-bdd6-4ccc6adda413">
    <topic>qt6-webengine -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>qt5-webengine</name>
	<range><lt>5.15.16.p5_5</lt></range>
      </package>
      <package>
	<name>qt6-webengine</name>
	<range><lt>6.6.1_4</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Qt qtwebengine-chromium repo reports:</p>
	<blockquote cite="https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based">
	  <p>Backports for 3 security bugs in Chromium:</p>
	  <ul>
	    <li>[1505080] High CVE-2024-0807: Use after free in WebAudio</li>
	    <li>[1504936] Critical CVE-2024-0808: Integer underflow in WebUI</li>
	    <li>[1496250] Medium CVE-2024-0810: Insufficient policy enforcement in DevTools</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0807</cvename>
      <cvename>CVE-2024-0808</cvename>
      <cvename>CVE-2024-0810</cvename>
      <url>https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based</url>
    </references>
    <dates>
      <discovery>2024-01-30</discovery>
      <entry>2024-01-31</entry>
    </dates>
  </vuln>

  <vuln vid="10dee731-c069-11ee-9190-84a93843eb75">
    <topic>OpenSSL -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>openssl</name>
	<range><lt>3.0.13,1</lt></range>
      </package>
      <package>
	<name>openssl-quictls</name>
	<range><lt>3.0.13</lt></range>
      </package>
      <package>
	<name>openssl31</name>
	<range><lt>3.1.5</lt></range>
      </package>
      <package>
	<name>openssl31-quictls</name>
	<range><lt>3.1.5</lt></range>
      </package>
      <package>
	<name>openssl32</name>
	<range><lt>3.2.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The OpenSSL project reports:</p>
	<blockquote cite="https://www.openssl.org/news/secadv/20240125.txt">
	  <p>Excessive time spent checking invalid RSA public keys (CVE-2023-6237)</p>
	  <p>PKCS12 Decoding crashes (CVE-2024-0727)</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0727</cvename>
      <cvename>CVE-2023-6237</cvename>
      <url>https://www.openssl.org/news/secadv/20240125.txt</url>
      <url>https://www.openssl.org/news/secadv/20240115.txt</url>
      <url>https://www.openssl.org/news/openssl-3.0-notes.html</url>
      <url>https://www.openssl.org/news/openssl-3.1-notes.html</url>
      <url>https://www.openssl.org/news/openssl-3.2-notes.html</url>
    </references>
    <dates>
      <discovery>2024-01-30</discovery>
      <entry>2024-01-31</entry>
    </dates>
  </vuln>

  <vuln vid="67c2eb06-5579-4595-801b-30355be24654">
    <topic>lizard -- Negative size passed to memcpy resulting in memory corruption</topic>
    <affects>
      <package>
	<name>lizard</name>
	<range><lt>1.0_1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>cve@mitre.org reports:</p>
	<blockquote cite="https://github.com/inikep/lizard/issues/16">
	  <p>In Lizard v1.0 and LZ5 v2.0 (the prior release, before the product
	was renamed), there is an unchecked buffer size during a memcpy in
	the Lizard_decompress_LIZv1 function (lib/lizard_decompress_liz.h).
	Remote attackers can leverage this vulnerability to cause a denial
	of service via a crafted input file, as well as achieve remote code
	execution.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2018-11498</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2018-11498</url>
    </references>
    <dates>
      <discovery>2018-05-26</discovery>
      <entry>2024-01-31</entry>
    </dates>
  </vuln>

  <vuln vid="a25b323a-bed9-11ee-bdd6-4ccc6adda413">
    <topic>qt6-webengine -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>qt6-webengine</name>
	<range><lt>6.6.1_3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Qt qtwebengine-chromium repo reports:</p>
	<blockquote cite="https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based">
	  <p>Backports for 15 security bugs in Chromium:</p>
	  <ul>
	    <li>[1505053] High CVE-2023-6345: Integer overflow in Skia</li>
	    <li>[1500856] High CVE-2023-6346: Use after free in WebAudio</li>
	    <li>[1494461] High CVE-2023-6347: Use after free in Mojo</li>
	    <li>[1501326] High CVE-2023-6702: Type Confusion in V8</li>
	    <li>[1502102] High CVE-2023-6703: Use after free in Blink</li>
	    <li>[1505708] High CVE-2023-6705: Use after free in WebRTC</li>
	    <li>[1500921] High CVE-2023-6706: Use after free in FedCM</li>
	    <li>[1513170] High CVE-2023-7024: Heap buffer overflow in WebRTC</li>
	    <li>[1501798] High CVE-2024-0222: Use after free in ANGLE</li>
	    <li>[1505009] High CVE-2024-0223: Heap buffer overflow in ANGLE</li>
	    <li>[1505086] High CVE-2024-0224: Use after free in WebAudio</li>
	    <li>[1506923] High CVE-2024-0225: Use after free in WebGPU</li>
	    <li>[1513379] High CVE-2024-0333: Insufficient data validation in Extensions</li>
	    <li>[1507412] High CVE-2024-0518: Type Confusion in V8</li>
	    <li>[1517354] High CVE-2024-0519: Out of bounds memory access in V8</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6345</cvename>
      <cvename>CVE-2023-6346</cvename>
      <cvename>CVE-2023-6347</cvename>
      <cvename>CVE-2023-6702</cvename>
      <cvename>CVE-2023-6703</cvename>
      <cvename>CVE-2023-6705</cvename>
      <cvename>CVE-2023-6706</cvename>
      <cvename>CVE-2023-7024</cvename>
      <cvename>CVE-2024-0222</cvename>
      <cvename>CVE-2024-0223</cvename>
      <cvename>CVE-2024-0224</cvename>
      <cvename>CVE-2024-0225</cvename>
      <cvename>CVE-2024-0333</cvename>
      <cvename>CVE-2024-0518</cvename>
      <cvename>CVE-2024-0519</cvename>
      <url>https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based</url>
    </references>
    <dates>
      <discovery>2024-01-08</discovery>
      <entry>2024-01-29</entry>
    </dates>
  </vuln>

  <vuln vid="a11e7dd1-bed4-11ee-bdd6-4ccc6adda413">
    <topic>qt5-webengine -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>qt5-webengine</name>
	<range><lt>5.15.16.p5_4</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Qt qtwebengine-chromium repo reports:</p>
	<blockquote cite="https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=87-based">
	  <p>Backports for 8 security bugs in Chromium:</p>
	  <ul>
	    <li>[1505053] High CVE-2023-6345: Integer overflow in Skia</li>
	    <li>[1501326] High CVE-2023-6702: Type Confusion in V8</li>
	    <li>[1513170] High CVE-2023-7024: Heap buffer overflow in WebRTC</li>
	    <li>[1501798] High CVE-2024-0222: Use after free in ANGLE</li>
	    <li>[1505086] High CVE-2024-0224: Use after free in WebAudio</li>
	    <li>[1513379] High CVE-2024-0333: Insufficient data validation in Extensions</li>
	    <li>[1507412] High CVE-2024-0518: Type Confusion in V8</li>
	    <li>[1517354] High CVE-2024-0519: Out of bounds memory access in V8</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6345</cvename>
      <cvename>CVE-2023-6702</cvename>
      <cvename>CVE-2023-7024</cvename>
      <cvename>CVE-2024-0222</cvename>
      <cvename>CVE-2024-0224</cvename>
      <cvename>CVE-2024-0333</cvename>
      <cvename>CVE-2024-0518</cvename>
      <cvename>CVE-2024-0519</cvename>
      <url>https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=87-based</url>
    </references>
    <dates>
      <discovery>2024-01-08</discovery>
      <entry>2024-01-29</entry>
    </dates>
  </vuln>

  <vuln vid="b5e22ec5-bc4b-11ee-b0b5-b42e991fc52e">
    <topic>rclone -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>rclone</name>
	<range><lt>1.65.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Multiple vulnerabilities in ssh and golang</p>
	<blockquote cite="https://github.com/go-resty/resty/commit/577fed8730d79f583eb48dfc81674164e1fc471e">
	  <ul>
	    <li>
	      CVE-2023-45286: HTTP request body disclosure in go-resty
	      disclosure across requests.
	    </li>
	    <li>
	      CVE-2023-48795: The SSH transport protocol with certain
	      OpenSSH extensions, found in OpenSSH before 9.6 and
	      other products, allows remote attackers to bypass
	      integrity checks.
	    </li>
	  </ul>
  </blockquote>
  </body>
    </description>
    <references>
      <cvename>CVE-2023-45286</cvename>
      <cvename>CVE-2023-48795</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-45286</url>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2023-48795</url>
    </references>
    <dates>
      <discovery>2023-11-28</discovery>
      <entry>2024-01-26</entry>
    </dates>
  </vuln>

  <vuln vid="61fe903b-bc2e-11ee-b06e-001b217b3468">
    <topic>Gitlab -- vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>16.8.0</ge><lt>16.8.1</lt></range>
	<range><ge>16.7.0</ge><lt>16.7.4</lt></range>
	<range><ge>16.6.0</ge><lt>16.6.6</lt></range>
	<range><ge>12.7.0</ge><lt>16.5.8</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/">
	  <p>Arbitrary file write while creating workspace</p>
	  <p>ReDoS in Cargo.toml blob viewer</p>
	  <p>Arbitrary API PUT requests via HTML injection in user's name</p>
	  <p>Disclosure of the public email in Tags RSS Feed</p>
	  <p>Non-Member can update MR Assignees of owned MRs</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0402</cvename>
      <cvename>CVE-2023-6159</cvename>
      <cvename>CVE-2023-5933</cvename>
      <cvename>CVE-2023-5612</cvename>
      <cvename>CVE-2024-0456</cvename>
      <url>https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/</url>
    </references>
    <dates>
      <discovery>2024-01-25</discovery>
      <entry>2024-01-26</entry>
    </dates>
  </vuln>

  <vuln vid="8b03d274-56ca-489e-821a-cf32f07643f0">
    <topic>jenkins -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>jenkins</name>
	<range><lt>2.422</lt></range>
      </package>
      <package>
	<name>jenkins-lts</name>
	<range><lt>2.426.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Jenkins Security Advisory:</p>
	<blockquote cite="https://www.jenkins.io/security/advisory/2024-01-24/">
	  <h1>Description</h1>
	  <h5>(Critical) SECURITY-3314 / CVE-2024-23897</h5>
	  <p>Arbitrary file read vulnerability through the CLI can lead to RCE</p>
	  <h1>Description</h1>
	  <h5>(High) SECURITY-3315 / CVE-2024-23898</h5>
	  <p>Cross-site WebSocket hijacking vulnerability in the CLI</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-23897</cvename>
      <cvename>CVE-2024-23898</cvename>
      <url>https://www.jenkins.io/security/advisory/2024-01-24/</url>
    </references>
    <dates>
      <discovery>2024-01-24</discovery>
      <entry>2024-01-24</entry>
    </dates>
  </vuln>

  <vuln vid="9532a361-b84d-11ee-b0d7-84a93843eb75">
    <topic>TinyMCE -- mXSS in multiple plugins</topic>
    <affects>
      <package>
	<name>tinymce</name>
	<range><lt>6.7.3</lt></range>
      </package>
      <package>
	<name>roundcube</name>
	<range><lt>1.6.6,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>TinyMCE reports:</p>
	<blockquote cite="https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8">
	  <p>Special characters in unescaped text nodes can trigger mXSS
	    when using TinyMCE undo/redo, getContentAPI, resetContentAPI,
	    and Autosave plugin</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-48219</cvename>
      <url>https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8</url>
      <url>https://github.com/roundcube/roundcubemail/releases/tag/1.6.6</url>
    </references>
    <dates>
      <discovery>2023-11-15</discovery>
      <entry>2024-01-23</entry>
    </dates>
  </vuln>

  <vuln vid="fedf7e71-61bd-49ec-aaf0-6da14bdbb319">
    <topic>zeek -- potential DoS vulnerability</topic>
    <affects>
      <package>
	<name>zeek</name>
	<range><lt>6.0.3</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Tim Wojtulewicz of Corelight reports:</p>
	<blockquote cite="https://github.com/zeek/zeek/releases/tag/v6.0.3">
	  <p>A specially-crafted series of packets containing nested
	  MIME entities can cause Zeek to spend large amounts of
	  time parsing the entities. </p>
	</blockquote>
	</body>
    </description>
    <references>
      <url>https://github.com/zeek/zeek/releases/tag/v6.0.3</url>
    </references>
    <dates>
      <discovery>2024-01-22</discovery>
      <entry>2024-01-22</entry>
    </dates>
  </vuln>

  <vuln vid="2264566a-a890-46eb-a895-7881dd220bd0">
    <topic>electron26 -- Out of bounds memory access in V8</topic>
    <affects>
      <package>
	<name>electron26</name>
	<range><lt>26.6.7</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v26.6.7">
	  <p>This update fixes the following vulnerability:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-0519.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0519</cvename>
      <url>https://github.com/advisories/GHSA-vg6w-jr5m-86c8</url>
    </references>
    <dates>
      <discovery>2024-01-18</discovery>
      <entry>2024-01-19</entry>
    </dates>
  </vuln>

  <vuln vid="a8326b61-eda0-4c03-9a5b-49ebd8f41c1a">
    <topic>electron{26,27} -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>electron26</name>
	<range><lt>26.6.6</lt></range>
      </package>
      <package>
	<name>electron27</name>
	<range><lt>27.2.4</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.2.3">
	  <p>This update fixes the following vulnerabilities:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-0518.</li>
	    <li>Security: backported fix for CVE-2024-0517.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0518</cvename>
      <url>https://github.com/advisories/GHSA-4pvg-f3m8-ff3j</url>
      <cvename>CVE-2024-0517</cvename>
      <url>https://github.com/advisories/GHSA-v39r-662x-j524</url>
    </references>
    <dates>
      <discovery>2024-01-17</discovery>
      <entry>2024-01-17</entry>
      <modified>2024-01-18</modified>
    </dates>
  </vuln>

  <vuln vid="1bc07be0-b514-11ee-86bb-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>120.0.6099.224</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>120.0.6099.224</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html">
	 <p>This update includes 4 security fixes:</p>
	 <ul>
	    <li>[1515930] High CVE-2024-0517: Out of bounds write in V8. Reported by Toan (suto) Pham of Qrious Secure on 2024-01-06</li>
	    <li>[1507412] High CVE-2024-0518: Type Confusion in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2023-12-03</li>
	    <li>[1517354] High CVE-2024-0519: Out of bounds memory access in V8. Reported by Anonymous on 2024-01-11</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-0517</cvename>
      <cvename>CVE-2024-0518</cvename>
      <cvename>CVE-2024-0519</cvename>
      <url>https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html</url>
    </references>
    <dates>
      <discovery>2024-01-16</discovery>
      <entry>2024-01-17</entry>
    </dates>
  </vuln>

  <vuln vid="7467c611-b490-11ee-b903-001fc69cd6dc">
    <topic>xorg server -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>xorg-server</name>
	<name>xephyr</name>
	<name>xorg-vfbserver</name>
	<range><lt>21.1.11,1</lt></range>
      </package>
      <package>
	<name>xorg-nextserver</name>
	<range><lt>21.1.11,2</lt></range>
      </package>
      <package>
	<name>xwayland</name>
	<range><lt>23.2.4</lt></range>
      </package>
      <package>
	<name>xwayland-devel</name>
	<range><lt>21.0.99.1.653</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>The X.Org project reports:</p>
	<blockquote cite="https://lists.x.org/archives/xorg/2024-January/061525.html">
	  <ul>
	    <li>CVE-2023-6816: Heap buffer overflow in DeviceFocusEvent
	    and ProcXIQueryPointer

	    <p>Both DeviceFocusEvent and the XIQueryPointer reply contain a bit
	    for each logical button currently down. Buttons can be arbitrarily
	    mapped to any value up to 255 but the X.Org Server was only
	    allocating space for the device's number of buttons,
	    leading to a heap overflow if a bigger value was used.</p></li>
	    <li>CVE-2024-0229: Reattaching to different master device may lead
	    to out-of-bounds memory access

	    <p>If a device has both a button class and a key class and
	    numButtons is zero, we can get an out-of-bounds write due
	    to event under-allocation in the DeliverStateNotifyEvent
	    function.</p></li>

	    <li>CVE-2024-21885: Heap buffer overflow in
	    XISendDeviceHierarchyEvent

	    <p>The XISendDeviceHierarchyEvent() function allocates space to
	    store up to MAXDEVICES (256) xXIHierarchyInfo structures in info.
	    If a device with a given ID was removed and a new device with
	    the same ID added both in the same operation,
	    the single device ID will lead to two info structures being
	    written to info.
	    Since this case can occur for every device ID at once,
	    a total of two times MAXDEVICES info structures might be written
	    to the allocation, leading to a heap buffer overflow.</p></li>

	    <li>CVE-2024-21886: Heap buffer overflow in DisableDevice

	    <p>The DisableDevice() function is called whenever an enabled device
	    is disabled and it moves the device from the inputInfo.devices
	    linked list to the inputInfo.off_devices linked list.
	    However, its link/unlink operation has an issue during the recursive
	    call to DisableDevice() due to the prev pointer pointing to a
	    removed device.
	    This issue leads to a length mismatch between the total number of
	    devices and the number of device in the list, leading to a heap
	    overflow and, possibly, to local privilege escalation.</p></li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6816</cvename>
      <cvename>CVE-2024-0229</cvename>
      <cvename>CVE-2024-21885</cvename>
      <cvename>CVE-2024-21886</cvename>
      <url>https://lists.x.org/archives/xorg/2024-January/061525.html</url>
    </references>
    <dates>
      <discovery>2024-01-16</discovery>
      <entry>2024-01-16</entry>
    </dates>
  </vuln>

  <vuln vid="28b42ef5-80cd-440c-904b-b7fbca74c73d">
    <topic>electron{26,27} -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>electron26</name>
	<range><lt>26.6.5</lt></range>
      </package>
      <package>
	<name>electron27</name>
	<range><lt>27.2.2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v26.6.5">
	  <p>This update fixes the following vulnerabilities:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2024-0224.</li>
	    <li>Security: backported fix for CVE-2024-0225.</li>
	    <li>Security: backported fix for CVE-2024-0223.</li>
	    <li>Security: backported fix for CVE-2024-0222.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-0224</cvename>
      <url>https://github.com/advisories/GHSA-83wx-v283-85g9</url>
      <cvename>CVE-2024-0225</cvename>
      <url>https://github.com/advisories/GHSA-gqr9-4fcc-c9jq</url>
      <cvename>CVE-2024-0223</cvename>
      <url>https://github.com/advisories/GHSA-w8x8-g534-x4rp</url>
      <cvename>CVE-2024-0222</cvename>
      <url>https://github.com/advisories/GHSA-c87c-56pw-mwgh</url>
    </references>
    <dates>
      <discovery>2024-01-10</discovery>
      <entry>2024-01-12</entry>
    </dates>
  </vuln>

  <vuln vid="4c8c2218-b120-11ee-90ec-001b217b3468">
    <topic>Gitlab -- vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>16.7.0</ge><lt>16.7.2</lt></range>
	<range><ge>16.6.0</ge><lt>16.6.4</lt></range>
	<range><ge>8.13.0</ge><lt>16.5.6</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/">
	  <p>Account Takeover via Password Reset without user interactions</p>
	  <p>Attacker can abuse Slack/Mattermost integrations to execute slash commands as another user</p>
	  <p>Bypass CODEOWNERS approval removal</p>
	  <p>Workspaces able to be created under different root namespace</p>
	  <p>Commit signature validation ignores headers after signature</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-7028</cvename>
      <cvename>CVE-2023-5356</cvename>
      <cvename>CVE-2023-4812</cvename>
      <cvename>CVE-2023-6955</cvename>
      <cvename>CVE-2023-2030</cvename>
      <url>https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/</url>
    </references>
    <dates>
      <discovery>2024-01-11</discovery>
      <entry>2024-01-12</entry>
    </dates>
  </vuln>

  <vuln vid="8337251b-b07b-11ee-b0d7-84a93843eb75">
    <topic>OpenSSL -- Vector register corruption on PowerPC</topic>
    <affects>
      <package>
	<name>openssl</name>
	<range><lt>3.0.12_2,1</lt></range>
      </package>
      <package>
	<name>openssl-quictls</name>
	<range><lt>3.0.12_2</lt></range>
      </package>
      <package>
	<name>openssl31</name>
	<range><lt>3.1.4_2</lt></range>
      </package>
      <package>
	<name>openssl31-quictls</name>
	<range><lt>3.1.4_2</lt></range>
      </package>
      <package>
	<name>openssl32</name>
	<range><lt>3.2.0_1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>SO-AND-SO reports:</p>
	<blockquote cite="https://www.openssl.org/news/secadv/20240109.txt">
	  <p>The POLY1305 MAC (message authentication code) implementation
	    contains a bug that might corrupt the internal state of applications running
	    on PowerPC CPU based platforms if the CPU provides vector instructions.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6129</cvename>
      <url>https://www.openssl.org/news/secadv/20240109.txt</url>
    </references>
    <dates>
	<discovery>2024-01-09</discovery>
      <entry>2024-01-11</entry>
    </dates>
  </vuln>

  <vuln vid="ec8e4040-afcd-11ee-86bb-a8a1599412c6">
    <topic>chromium -- security fix</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>120.0.6099.216</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>120.0.6099.216</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html">
	 <p>This update includes 1 security fix:</p>
	 <ul>
	    <li>[1513379] High CVE-2024-0333: Insufficient data validation in Extensions. Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC on 2023-12-20</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-0333</cvename>
      <url>https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html</url>
    </references>
    <dates>
      <discovery>2024-01-09</discovery>
      <entry>2024-01-10</entry>
    </dates>
  </vuln>

  <vuln vid="e2f981f1-ad9e-11ee-8b55-4ccc6adda413">
    <topic>QtNetwork -- potential buffer overflow</topic>
    <affects>
      <package>
	<name>qt5-network</name>
	<range><lt>5.15.12p148_1</lt></range>
      </package>
      <package>
	<name>qt6-base</name>
	<range><lt>6.6.1_2</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Andy Shaw reports:</p>
	<blockquote cite="https://www.qt.io/blog/security-advisory-potential-integer-overflow-in-qts-http2-implementation">
	  <p>A potential integer overflow has been discovered in Qt's HTTP2
	  implementation. If the HTTP2 implementation receives more than 4GiB
	  in total headers, or more than 2GiB for any given header pair, then
	  the internal buffers may overflow.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-51714</cvename>
      <url>https://www.qt.io/blog/security-advisory-potential-integer-overflow-in-qts-http2-implementation</url>
    </references>
    <dates>
      <discovery>2023-12-14</discovery>
      <entry>2024-01-07</entry>
    </dates>
  </vuln>

  <vuln vid="1f0d0024-ac9c-11ee-8e91-1c697a013f4b">
    <topic>mantis -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>mantis-php74</name>
	<name>mantis-php80</name>
	<name>mantis-php81</name>
	<name>mantis-php82</name>
	<name>mantis-php83</name>
	<range><lt>2.25.8,1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Mantis 2.25.8 release reports:</p>
	<blockquote cite="https://mantisbt.org/bugs/changelog_page.php?version_id=370">
	  <p>Security and maintenance release</p>
	  <ul>
	    <li>0032432: Update guzzlehttp/psr7 to 1.9.1 (CVE-2023-29197)</li>
	    <li>0032981: Information Leakage on DokuWiki Integration (CVE-2023-44394)</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-29197</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197</url>
      <cvename>CVE-2023-44394</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44394</url>
    </references>
    <dates>
      <discovery>2023-10-14</discovery>
      <entry>2024-01-06</entry>
    </dates>
  </vuln>

  <vuln vid="3ee577a9-aad4-11ee-86bb-a8a1599412c6">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
      <package>
       <name>chromium</name>
       <range><lt>120.0.6099.199</lt></range>
      </package>
      <package>
       <name>ungoogled-chromium</name>
       <range><lt>120.0.6099.199</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>Chrome Releases reports:</p>
       <blockquote cite="https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html">
	 <p>This update includes 6 security fixes:</p>
	 <ul>
	    <li>[1501798] High CVE-2024-0222: Use after free in ANGLE. Reported by Toan (suto) Pham of Qrious Secure on 2023-11-13</li>
	    <li>[1505009] High CVE-2024-0223: Heap buffer overflow in ANGLE. Reported by Toan (suto) Pham and Tri Dang of Qrious Secure on 2023-11-24</li>
	    <li>[1505086] High CVE-2024-0224: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-25</li>
	    <li>[1506923] High CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous on 2023-12-01</li>
	 </ul>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2024-0222</cvename>
      <cvename>CVE-2024-0223</cvename>
      <cvename>CVE-2024-0224</cvename>
      <cvename>CVE-2024-0225</cvename>
      <url>https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html</url>
    </references>
    <dates>
      <discovery>2024-01-03</discovery>
      <entry>2024-01-04</entry>
    </dates>
  </vuln>

  <vuln vid="d1b20e09-dbdf-432b-83c7-89f0af76324a">
    <topic>electron27 -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>electron27</name>
	<range><lt>27.2.1</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v27.2.1">
	  <p>This update fixes the following vulnerabilities:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2023-6706.</li>
	    <li>Security: backported fix for CVE-2023-6705.</li>
	    <li>Security: backported fix for CVE-2023-6703.</li>
	    <li>Security: backported fix for CVE-2023-6702.</li>
	    <li>Security: backported fix for CVE-2023-6704.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6706</cvename>
      <url>https://github.com/advisories/GHSA-jqrg-rvpw-5fw5</url>
      <cvename>CVE-2023-6705</cvename>
      <url>https://github.com/advisories/GHSA-h27f-fw5q-c2gh</url>
      <cvename>CVE-2023-6703</cvename>
      <url>https://github.com/advisories/GHSA-9v72-359m-2vx4</url>
      <cvename>CVE-2023-6702</cvename>
      <url>https://github.com/advisories/GHSA-7hjc-c62g-4w73</url>
      <cvename>CVE-2023-6704</cvename>
      <url>https://github.com/advisories/GHSA-587x-fmc5-99p9</url>
    </references>
    <dates>
      <discovery>2024-01-04</discovery>
      <entry>2024-01-04</entry>
    </dates>
  </vuln>

  <vuln vid="0cee4f9c-5efb-4770-b917-f4e4569e8bec">
    <topic>electron26 -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>electron26</name>
	<range><lt>26.6.4</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>Electron developers report:</p>
	<blockquote cite="https://github.com/electron/electron/releases/tag/v26.6.4">
	  <p>This update fixes the following vulnerabilities:</p>
	  <ul>
	    <li>Security: backported fix for CVE-2023-6704.</li>
	    <li>Security: backported fix for CVE-2023-6705.</li>
	    <li>Security: backported fix for CVE-2023-6703.</li>
	    <li>Security: backported fix for CVE-2023-6702.</li>
	  </ul>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2023-6704</cvename>
      <url>https://github.com/advisories/GHSA-587x-fmc5-99p9</url>
      <cvename>CVE-2023-6705</cvename>
      <url>https://github.com/advisories/GHSA-h27f-fw5q-c2gh</url>
      <cvename>CVE-2023-6703</cvename>
      <url>https://github.com/advisories/GHSA-9v72-359m-2vx4</url>
      <cvename>CVE-2023-6702</cvename>
      <url>https://github.com/advisories/GHSA-7hjc-c62g-4w73</url>
    </references>
    <dates>
      <discovery>2024-01-04</discovery>
      <entry>2024-01-04</entry>
    </dates>
  </vuln>

  <vuln vid="13d83980-9f18-11ee-8e38-002590c1f29c">
    <topic>FreeBSD -- Prefix Truncation Attack in the SSH protocol</topic>
    <affects>
      <package>
	<name>FreeBSD</name>
	<range><ge>14.0</ge><lt>14.0_4</lt></range>
	<range><ge>13.2</ge><lt>13.2_9</lt></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<h1>Problem Description:</h1>
	<p>The SSH protocol executes an initial handshake between the
	server and the client.  This protocol handshake includes the
	possibility of several extensions allowing different options to be
	selected.  Validation of the packets in the handshake is done through
	sequence numbers.</p>
	<h1>Impact:</h1>
	<p>A man in the middle attacker can silently manipulate handshake
	messages to truncate extension negotiation messages potentially
	leading to less secure client authentication algorithms or deactivating
	keystroke timing attack countermeasures.</p>
      </body>
    </description>
    <references>
      <cvename>CVE-2023-48795</cvename>
      <freebsdsa>SA-23:19.openssh</freebsdsa>
    </references>
    <dates>
      <discovery>2023-12-19</discovery>
      <entry>2024-01-02</entry>
    </dates>
  </vuln>

  <vuln vid="bd7592a1-cbfd-11ee-a42a-5404a6f3ca32">
    <topic>gitea -- Prevent anonymous container access</topic>
    <affects>
      <package>
	<name>gitea</name>
	<range><lt>1.21.5</lt></range>
      </package>
    </affects>
    <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
       <h1>Problem Description:</h1>
    <p>
      Even with RequireSignInView enabled, anonymous users can use docker pull
      to fetch public images.
    </p>
      </body>
    </description>
    <references>
      <url>https://blog.gitea.com/release-of-1.21.5/</url>
    </references>
    <dates>
      <discovery>2024-01-24</discovery>
      <entry>2024-02-15</entry>
    </dates>
  </vuln>