Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ac1586f1 by Moritz Muehlenhoff at 2023-07-19T13:32:40+02:00
new open-vm-tools issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49494,7 +49494,11 @@ CVE-2023-20869 (VMware Workstation (17.x) and VMware
Fusion (13.x) contain a sta
CVE-2023-20868 (NSX-T contains a reflected cross-site scripting vulnerability
due to a ...)
NOT-FOR-US: VMware
CVE-2023-20867 (A fully compromised ESXi host can force VMware Tools to fail
to authen ...)
- NOT-FOR-US: VMware
+ - open-vm-tools 2:12.2.5-1 (bug #1037546)
+ [bookworm] - open-vm-tools <no-dsa> (Minor issue)
+ [bullseye] - open-vm-tools <no-dsa> (Minor issue)
+ NOTE: https://www.vmware.com/security/advisories/VMSA-2023-0013.html
+ NOTE: https://github.com/vmware/open-vm-tools/tree/CVE-2023-20867.patch
CVE-2023-20866 (In Spring Session version 3.0.0, the session id can be logged
to the s ...)
NOT-FOR-US: Spring Session
CVE-2023-20865 (VMware Aria Operations for Logs contains a command injection
vulnerabi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac1586f1843f2c3df9dcf52bc665c866113c3e45
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac1586f1843f2c3df9dcf52bc665c866113c3e45
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
