[Git][security-tracker-team/security-tracker][master] new open-vm-tools issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jul 19 12:33:12 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ac1586f1 by Moritz Muehlenhoff at 2023-07-19T13:32:40+02:00
new open-vm-tools issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49494,7 +49494,11 @@ CVE-2023-20869 (VMware Workstation (17.x) and VMware Fusion (13.x) contain a sta
CVE-2023-20868 (NSX-T contains a reflected cross-site scripting vulnerability due to a ...)
NOT-FOR-US: VMware
CVE-2023-20867 (A fully compromised ESXi host can force VMware Tools to fail to authen ...)
- NOT-FOR-US: VMware
+ - open-vm-tools 2:12.2.5-1 (bug #1037546)
+ [bookworm] - open-vm-tools <no-dsa> (Minor issue)
+ [bullseye] - open-vm-tools <no-dsa> (Minor issue)
+ NOTE: https://www.vmware.com/security/advisories/VMSA-2023-0013.html
+ NOTE: https://github.com/vmware/open-vm-tools/tree/CVE-2023-20867.patch
CVE-2023-20866 (In Spring Session version 3.0.0, the session id can be logged to the s ...)
NOT-FOR-US: Spring Session
CVE-2023-20865 (VMware Aria Operations for Logs contains a command injection vulnerabi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac1586f1843f2c3df9dcf52bc665c866113c3e45
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac1586f1843f2c3df9dcf52bc665c866113c3e45
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230719/a7b6ceca/attachment.htm>
More information about the debian-security-tracker-commits
mailing list