[Git][security-tracker-team/security-tracker][master] Cacti CVE-2024-29894 and CVE-2023-50250
Bastien Roucariès (@rouca)
rouca at debian.org
Sun Aug 11 20:29:56 BST 2024
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2453e011 by Bastien Roucariès at 2024-08-11T19:29:03+00:00
Cacti CVE-2024-29894 and CVE-2023-50250
Note that both are related
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25970,6 +25970,7 @@ CVE-2024-29894 (Cacti provides an operational monitoring and fault management fr
NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh
NOTE: Fixed by: https://github.com/Cacti/cacti/commit/9c75f8da5b609d17c8c031fd46362f730358b792 (1.2.27)
NOTE: Follow-up fix: https://github.com/Cacti/cacti/commit/6a82fa1abe81d96238a87727087572ff749d0a8d (1.2.x)
+ NOTE: Follow-up of CVE-2023-50250
CVE-2024-29513 (An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Foren ...)
NOT-FOR-US: BlueRiSC WindowsSCOPE Cyber Forensics
CVE-2024-28866 (GoCD is a continuous delivery server. GoCD versions from 19.4.0 to 23. ...)
@@ -63317,6 +63318,7 @@ CVE-2023-50250 (Cacti is an open source operational monitoring and fault managem
NOTE: https://github.com/Cacti/cacti/commit/73d9a60e24d6d826e6343b94d833b48c28b68643 (release/1.2.26)
NOTE: https://github.com/Cacti/cacti/commit/59e39b34f8f1d80b28d38a391d7aa6e7a3302f5b (release/1.2.26)
NOTE: Introduced by: https://github.com/Cacti/cacti/commit/27a36d48e1cea172b0750c970324208b39d2bec5 (release/1.2.23)
+ NOTE: Incomplete fix see CVE-2024-29894
CVE-2023-50147 (There is an arbitrary command execution vulnerability in the setDiagno ...)
NOT-FOR-US: TOTOLINK
CVE-2023-49792 (Nextcloud Server provides data storage for Nextcloud, an open source c ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2453e011a2c57af210d6840c1873a079ac9c89ca
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2453e011a2c57af210d6840c1873a079ac9c89ca
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240811/d1bb5d8a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list