[Git][security-tracker-team/security-tracker][master] Update entries wich are for opennds
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 25 20:40:59 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4ae727f1 by Salvatore Bonaccorso at 2023-12-25T21:40:12+01:00
Update entries wich are for opennds
By mistake previously tracked as NFU, whereas opennds exists in Debian
itself.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8,8 +8,6 @@ CVE-2023-48650 (Concrete CMS before 8.5.14 and 9 before 9.2.3 is vulnerable to a
NOT-FOR-US: Concrete CMS
CVE-2023-41165 (An issue was discovered in Stormshield Network Security (SNS) 3.7.0 th ...)
NOT-FOR-US: Stormshield Network Security (SNS)
-CVE-2023-38321 (OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other p ...)
- TODO: check
CVE-2023-34198 (In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7. ...)
NOT-FOR-US: Stormshield Network Security (SNS)
CVE-2023-7102 (Use of a Third Party library produced a vulnerability in Barracuda Net ...)
@@ -6782,9 +6780,9 @@ CVE-2023-45382 (In the module "SoNice Retour" (sonice_retour) up to version 2.1.
CVE-2023-42428 (Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a ...)
NOT-FOR-US: CubeCart
CVE-2023-41102 (An issue was discovered in the captive portal in OpenNDS before versio ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
CVE-2023-41101 (An issue was discovered in the captive portal in OpenNDS before versio ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
CVE-2023-40314 (Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS ...)
NOT-FOR-US: OpenNMS
CVE-2023-39548 (CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, ...)
@@ -6798,19 +6796,29 @@ CVE-2023-39545 (CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and ear
CVE-2023-39544 (CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, ...)
NOT-FOR-US: CLUSTERPRO
CVE-2023-38324 (An issue was discovered in OpenNDS Captive Portal before version 10.1. ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
+CVE-2023-38323
+ - opennds <unfixed>
CVE-2023-38322 (An issue was discovered in OpenNDS Captive Portal before version 10.1. ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
+CVE-2023-38321
+ - opennds <unfixed>
CVE-2023-38320 (An issue was discovered in OpenNDS Captive Portal before version 10.1. ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
+CVE-2023-38319
+ - opennds <unfixed>
+CVE-2023-38318
+ - opennds <unfixed>
+CVE-2023-38317
+ - opennds <unfixed>
CVE-2023-38316 (An issue was discovered in OpenNDS Captive Portal before version 10.1. ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
CVE-2023-38315 (An issue was discovered in OpenNDS Captive Portal before version 10.1. ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
CVE-2023-38314 (An issue was discovered in OpenNDS Captive Portal before version 10.1. ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
CVE-2023-38313 (An issue was discovered in OpenNDS Captive Portal before 10.1.2. it ha ...)
- NOT-FOR-US: OpenNDS
+ - opennds <unfixed>
CVE-2023-38130 (Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6 ...)
NOT-FOR-US: CubeCart
CVE-2023-6176 (A null pointer dereference flaw was found in the Linux kernel API for ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ae727f193f80ad7f59c6f024f547218d3d8de06
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ae727f193f80ad7f59c6f024f547218d3d8de06
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231225/b5e3825b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list