[Git][security-tracker-team/security-tracker][master] Process some CVEs in Mattermost (mark as mattermost-server)

Salvatore Bonaccorso (@carnil) Mon, 27 Nov 2023 12:40:38 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
20820142 by Salvatore Bonaccorso at 2023-11-27T21:39:42+01:00
Process some CVEs in Mattermost (mark as mattermost-server)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,7 +6,7 @@ CVE-2023-6254 (A Vulnerability in OTRS AgentInterface and 
ExternalInterface allo
        NOT-FOR-US: OTRS
        NOTE: Issue is listed as specific to 8.x, so won't affect Znuny which 
forked from 6.x
 CVE-2023-6202 (Mattermost fails to perform proper authorization in the 
/plugins/focal ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2023-5974 (The WPB Show Core WordPress plugin through 2.2 is vulnerable to 
server ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-5958 (The POST SMTP Mailer WordPress plugin before 2.7.1 does not 
escape ema ...)
@@ -76,13 +76,13 @@ CVE-2023-49029 (Cross Site Scripting vulnerability in 
smpn1smg absis v.2017-10-1
 CVE-2023-49028 (Cross Site Scripting vulnerability in smpn1smg absis 
v.2017-10-19 and  ...)
        TODO: check
 CVE-2023-48369 (Mattermost fails to limit the log size of server logs allowing 
an atta ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2023-48268 (Mattermost fails tolimit the amount of data extracted from 
compressed  ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2023-47865 (Mattermost fails to check if hardened mode is enabled when 
overriding  ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2023-47168 (Mattermost fails to properly check a redirect URL parameter 
allowing f ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2023-45223 (Mattermost fails to properly validate the "Show Full Name" 
option in a ...)
        TODO: check
 CVE-2023-43754 (Mattermost fails to check whether the \u201cAllow users to 
view archiv ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/208201425661fa13fde07aaa0dc7fbf010748588

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/208201425661fa13fde07aaa0dc7fbf010748588
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some CVEs in Mattermost (mark as mattermost-server)

Reply via email to