[Git][security-tracker-team/security-tracker][master] Add (a for now still valid assigned) CVE for Apache Superset
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 14 19:49:41 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
58874290 by Salvatore Bonaccorso at 2024-02-14T20:48:24+01:00
Add (a for now still valid assigned) CVE for Apache Superset
The CVE assignment looks odd, as it is to correct affected version
ranges. As it is a NFU for us we do not need to care too much. If the
CVE will kept valid, then we have now the NFU tracking, if it get
rejected, it can be cleaned afterwards.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10561,6 +10561,8 @@ CVE-2023-49734 (An authenticated Gamma user has the ability to create a dashboar
NOT-FOR-US: Apache Superset
CVE-2023-49736 (A where_in JINJA macro allows users to specify a quote, which combined ...)
NOT-FOR-US: Apache Superset
+CVE-2024-23952
+ NOT-FOR-US: Apache Superset
CVE-2023-46104 (Uncontrolled resource consumption can be triggered by authenticated at ...)
NOT-FOR-US: Apache Superset
CVE-2023-XXXX [RUSTSEC-2023-0074]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/588742901ce1c87bb4f4b0d9b965d5e2ae78dbf3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/588742901ce1c87bb4f4b0d9b965d5e2ae78dbf3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240214/0003f38b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list