[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2023-50716/fastdds
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 6 21:01:33 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97e83bce by Salvatore Bonaccorso at 2024-03-06T22:01:14+01:00
Add CVE-2023-50716/fastdds
- - - - -
6827ee5f by Salvatore Bonaccorso at 2024-03-06T22:01:16+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,29 +61,30 @@ CVE-2024-20301 (A vulnerability in Cisco Duo Authentication for Windows Logon an
CVE-2024-20292 (A vulnerability in the logging component of Cisco Duo Authentication f ...)
NOT-FOR-US: Cisco
CVE-2024-1224 (This vulnerability exists in USB Pratirodh due to the usage of a weake ...)
- TODO: check
+ NOT-FOR-US: USB Pratirodh
CVE-2024-1142 (Path Traversal in Sonatype IQ Server from version 143 allows remote au ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2023-50716 (eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the ...)
- TODO: check
+ - fastdds <unfixed>
+ NOTE: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2h
CVE-2023-50167 (Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with ed ...)
- TODO: check
+ NOT-FOR-US: Pega Platform
CVE-2023-49985 (A cross-site scripting (XSS) vulnerability in the component /managemen ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49984 (A cross-site scripting (XSS) vulnerability in the component /managemen ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49983 (A cross-site scripting (XSS) vulnerability in the component /managemen ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49982 (Broken access control in the component /admin/management/users of Scho ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49981 (A directory listing vulnerability in School Fees Management System v1. ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49980 (A directory listing vulnerability in Best Student Result Management Sy ...)
- TODO: check
+ NOT-FOR-US: Best Student Result Management System
CVE-2023-49979 (A directory listing vulnerability in Customer Support System v1 allows ...)
- TODO: check
+ NOT-FOR-US: Customer Support System
CVE-2023-49978 (Incorrect access control in Customer Support System v1 allows non-admi ...)
- TODO: check
+ NOT-FOR-US: Customer Support System
CVE-2023-48703 (RobotsAndPencils go-saml, a SAML client library written in Go, contain ...)
TODO: check
CVE-2023-38825 (SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allow ...)
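Review bot: the new CVE-2023-50716 entry records `- fastdds <unfixed>` with the advisory URL as its only NOTE, so nothing in the entry says which upstream commit or release carries the fix. If the GHSA-5m2f-hvj2-cx2h advisory names a fixing commit or fixed version, add it as a second NOTE line so whoever later resolves `<unfixed>` does not have to re-derive it. As a smaller style point, the NOT-FOR-US labels in this hunk mix vendor names (Cisco, Sonatype) with product names (Pega Platform, School Fees Management System); one granularity would keep searches over data/CVE/list predictable.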
@@ -245506,7 +245507,7 @@ CVE-2020-26944 (An issue was discovered in Aptean Product Configurator 4.61.0000
CVE-2020-26943 (An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2. ...)
NOT-FOR-US: blazar-dashboard
CVE-2020-26942 (An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and ...)
- TODO: check
+ NOT-FOR-US: Axigen Mail Server
CVE-2020-26941 (A local (authenticated) low-privileged user can exploit a behavior in ...)
NOT-FOR-US: IBM
CVE-2020-26940
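Review bot: CVE-2020-26942 is a 2020 identifier that was still at `TODO: check`, and the commit message "Process some NFUs" does not say why it was in the queue alongside the 2023 and 2024 entries. A brief mention in the commit message of why older IDs were triaged in the same pass would make the history easier to read; the `NOT-FOR-US: Axigen Mail Server` classification itself matches the description shown on the line above it.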
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab218ce143bc3a837758a3e2d36a3ce62ca26c46...6827ee5f3654397fc83326d3050fb2ee1991bf33