CVE-2023-28628

NameCVE-2023-28628
Descriptionlambdaisland/uri is a pure Clojure/ClojureScript URI library. In versi ...
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1133700

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lambdaisland-uri-clojure (PTS)forky, sid, bookworm, trixie1.13.95-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lambdaisland-uri-clojuresource(unstable)(unfixed)1133700

Notes

[trixie] - lambdaisland-uri-clojure <no-dsa> (Minor issue)
[bookworm] - lambdaisland-uri-clojure <no-dsa> (Minor issue)
https://github.com/lambdaisland/uri/security/advisories/GHSA-cp4w-6x4w-v2h5
Fixed by: https://github.com/lambdaisland/uri/commit/67063ed439dd0843536f27e8cde40a8a7d69f37b (v1.14.120)
Search for package or bug name: Reporting problems