[Git][security-tracker-team/security-tracker][master] Add three new libcrypto++ CVE entries
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 18 08:28:34 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6eb4bedb by Salvatore Bonaccorso at 2023-12-18T09:28:05+01:00
Add three new libcrypto++ CVE entries
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,11 +15,15 @@ CVE-2023-6903 (A vulnerability classified as critical has been found in Netentse
CVE-2023-6483 (The vulnerability exists in ADiTaaS (Allied Digital Integrated Tool-as ...)
TODO: check
CVE-2023-50981 (ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows atta ...)
- TODO: check
+ - libcrypto++ <unfixed>
+ NOTE: https://github.com/weidai11/cryptopp/issues/1249
CVE-2023-50980 (gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to ...)
- TODO: check
+ - libcrypto++ <unfixed>
+ NOTE: https://github.com/weidai11/cryptopp/issues/1248
+ TODO: check details about mitigation applied, but issue in per se "unfixed"
CVE-2023-50979 (Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during ...)
- TODO: check
+ - libcrypto++ <unfixed>
+ NOTE: https://github.com/weidai11/cryptopp/issues/1247
CVE-2023-50976 (Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authoriz ...)
TODO: check
CVE-2023-6902 (A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6eb4bedb9aa4b0699b323372aa07f1a6ff230f3e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6eb4bedb9aa4b0699b323372aa07f1a6ff230f3e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231218/2ccb5736/attachment.htm>
More information about the debian-security-tracker-commits
mailing list