Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76f9e294 by Salvatore Bonaccorso at 2023-07-21T14:37:51+02:00
Add two new nomad issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -149,11 +149,13 @@ CVE-2023-3782 (DoS of the OkHttp client when using a
BrotliInterceptor and surfi
CVE-2023-3779 (The Essential Addons For Elementor plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2023-3300 (HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and
1.4.1 HTTP ...)
- TODO: check
+ - nomad <unfixed>
+ NOTE:
https://discuss.hashicorp.com/t/hcsec-2023-22-nomad-search-api-leaks-information-about-csi-plugins/56272
CVE-2023-3299 (HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL
policies ...)
TODO: check
CVE-2023-3072 (HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and
1.4.10 ACL ...)
- TODO: check
+ - nomad <unfixed>
+ NOTE:
https://discuss.hashicorp.com/t/hcsec-2023-20-nomad-acl-policies-without-label-are-applied-to-unexpected-resources/56270
CVE-2023-37362 (Weintek Weincloud v0.13.6 could allow an attacker to abuse
the reg ...)
NOT-FOR-US: Weincloud
CVE-2023-37289 (It is identified a vulnerability of Unrestricted Upload of
File with D ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76f9e294617cfce5b6fe14a4218d7c6e8bda6013
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76f9e294617cfce5b6fe14a4218d7c6e8bda6013
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
