doc: pkg-vulnerabilities +curl, +glpi, +graphviz, +mbedtls, +opensc, +py-aiohttp, +py-octoprint

doc/pkg-vulnerabilities

@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.112 2024/01/24 20:16:09 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.113 2024/02/03 16:39:14 tm Exp $
 #
 #FORMAT 1.0.0
 #
@@ -25855,3 +25855,15 @@ gnutls<3.8.3	timing-side-channel	https://nvd.nist.gov/vuln/detail/CVE-2023-0553
 py{27,38,39,310,311,312}-Pillow<10.2.0	arbitrary-code-execution	https://nvd.nist.gov/vuln/detail/CVE-2023-50447
 postgresql-server>=11<12	eol	http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
 nodejs>=16<18	eol	http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
+py{27,37,38,39,310,311,312}-aiohttp<3.9.2	directory-traversal	https://nvd.nist.gov/vuln/detail/CVE-2024-23334
+py{27,37,38,39,310,311,312}-aiohttp<3.9.2	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2024-23829
+curl<8.6.0	out-of-bounds	https://nvd.nist.gov/vuln/detail/CVE-2023-52071
+mbedtls<2.28.7	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2024-23170
+mbedtls>=3<3.5.2	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2024-23170
+mbedtls<2.28.7	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2024-23775
+mbedtls>=3<3.5.2	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2024-23775
+opensc-[0-9]*	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2023-5992
+py{27,37,38,39,310,311,312}-octoprint-[0-9]*	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2024-23637
+glpi<10.0.12	code-injection	https://nvd.nist.gov/vuln/detail/CVE-2023-51446
+glpi<10.0.12	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2024-23645
+graphviz<10	out-of-bounds-read	https://nvd.nist.gov/vuln/detail/CVE-2023-46045