[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2023-50716/fastdds

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
97e83bce by Salvatore Bonaccorso at 2024-03-06T22:01:14+01:00
Add CVE-2023-50716/fastdds

- - - - -
6827ee5f by Salvatore Bonaccorso at 2024-03-06T22:01:16+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,29 +61,30 @@ CVE-2024-20301 (A vulnerability in Cisco Duo Authentication for Windows Logon an
 CVE-2024-20292 (A vulnerability in the logging component of Cisco Duo Authentication f ...)
 	NOT-FOR-US: Cisco
 CVE-2024-1224 (This vulnerability exists in USB Pratirodh due to the usage of a weake ...)
-	TODO: check
+	NOT-FOR-US: USB Pratirodh
 CVE-2024-1142 (Path Traversal in Sonatype IQ Server from version 143 allows remote au ...)
-	TODO: check
+	NOT-FOR-US: Sonatype
 CVE-2023-50716 (eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the  ...)
-	TODO: check
+	- fastdds <unfixed>
+	NOTE: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2h
 CVE-2023-50167 (Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with ed ...)
-	TODO: check
+	NOT-FOR-US: Pega Platform
 CVE-2023-49985 (A cross-site scripting (XSS) vulnerability in the component /managemen ...)
-	TODO: check
+	NOT-FOR-US: School Fees Management System
 CVE-2023-49984 (A cross-site scripting (XSS) vulnerability in the component /managemen ...)
-	TODO: check
+	NOT-FOR-US: School Fees Management System
 CVE-2023-49983 (A cross-site scripting (XSS) vulnerability in the component /managemen ...)
-	TODO: check
+	NOT-FOR-US: School Fees Management System
 CVE-2023-49982 (Broken access control in the component /admin/management/users of Scho ...)
-	TODO: check
+	NOT-FOR-US: School Fees Management System
 CVE-2023-49981 (A directory listing vulnerability in School Fees Management System v1. ...)
-	TODO: check
+	NOT-FOR-US: School Fees Management System
 CVE-2023-49980 (A directory listing vulnerability in Best Student Result Management Sy ...)
-	TODO: check
+	NOT-FOR-US: Best Student Result Management System
 CVE-2023-49979 (A directory listing vulnerability in Customer Support System v1 allows ...)
-	TODO: check
+	NOT-FOR-US: Customer Support System
 CVE-2023-49978 (Incorrect access control in Customer Support System v1 allows non-admi ...)
-	TODO: check
+	NOT-FOR-US: Customer Support System
 CVE-2023-48703 (RobotsAndPencils go-saml, a SAML client library written in Go, contain ...)
 	TODO: check
 CVE-2023-38825 (SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allow ...)
@@ -245506,7 +245507,7 @@ CVE-2020-26944 (An issue was discovered in Aptean Product Configurator 4.61.0000
 CVE-2020-26943 (An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2. ...)
 	NOT-FOR-US: blazar-dashboard
 CVE-2020-26942 (An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and  ...)
-	TODO: check
+	NOT-FOR-US: Axigen Mail Server
 CVE-2020-26941 (A local (authenticated) low-privileged user can exploit a behavior in  ...)
 	NOT-FOR-US: IBM
 CVE-2020-26940



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab218ce143bc3a837758a3e2d36a3ce62ca26c46...6827ee5f3654397fc83326d3050fb2ee1991bf33

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab218ce143bc3a837758a3e2d36a3ce62ca26c46...6827ee5f3654397fc83326d3050fb2ee1991bf33
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240306/62cb1ff1/attachment.htm>