Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6911a46e by Salvatore Bonaccorso at 2023-08-25T20:39:41+02:00
Mark CVE-2023-37154 as unimportant for monitoring-plugins
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6330,8 +6330,11 @@ CVE-2023-37392 (Cross-Site Request Forgery (CSRF)
vulnerability in Deepak Anand
CVE-2023-37277 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
NOT-FOR-US: XWiki
CVE-2023-37154
- - monitoring-plugins <unfixed>
+ - monitoring-plugins <unfixed> (unimportant)
NOTE: Fix in nagios-plugins project:
https://github.com/nagios-plugins/nagios-plugins/commit/e8810de21be80148562b7e0168b0a62aeedffde6
+ NOTE: monitoring-plugins upstream does not plan to make an upstream
change similar to
+ NOTE: nagios-plugins because there are valid usecases to execute stuff
locally via
+ NOTE: check_by_ssh (although not commonly known and used).
CVE-2023-37153 (KodExplorer 4.51 contains a Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: KodExplorer
CVE-2023-37152 (Projectworlds Online Art Gallery Project 1.0 allows
unauthenticated us ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6911a46e2167f7ac3ffee3ebca5b74d5668e3d8f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6911a46e2167f7ac3ffee3ebca5b74d5668e3d8f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
