[Git][security-tracker-team/security-tracker][master] Add assigned CVE-2023-47090/nats-server
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 30 18:10:46 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f7505e17 by Salvatore Bonaccorso at 2023-10-30T19:09:59+01:00
Add assigned CVE-2023-47090/nats-server
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -75,7 +75,7 @@ CVE-2023-46129 [nkeys: xkeys Seal encryption used fixed key for all encryption]
[bookworm] - nats-server <not-affected> (Vulnerable code not present)
NOTE: https://advisories.nats.io/CVE/secnote-2023-02.txt
NOTE: https://github.com/nats-io/nkeys/security/advisories/GHSA-mr45-rx8q-wcm9
-CVE-2023-XXXX [Adding accounts for just the system account adds auth bypass]
+CVE-2023-47090 [Adding accounts for just the system account adds auth bypass]
- nats-server 2.10.3-1
NOTE: https://advisories.nats.io/CVE/secnote-2023-01.txt
NOTE: https://github.com/nats-io/nats-server/security/advisories/GHSA-fr2g-9hjm-wr23
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7505e17dbd8b5e0425acf229659d1e5b7627648
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7505e17dbd8b5e0425acf229659d1e5b7627648
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231030/2c7b2168/attachment.htm>
More information about the debian-security-tracker-commits
mailing list