I am not sure we have been notified about that vulnerability, searching my email this you are the first.
Just because someone has opened a CVE does not indicate they have contacted the open source project at all. Please forward to geoserver-security email list (see security policy). It would be helpful if you describe what steps you have already taken to verify so the volunteers do not duplicate your effort. -- Jody Garnett On Mon, Jul 1, 2024 at 6:50 AM Nisha Rani via Geoserver-users < geoserver-users@lists.sourceforge.net> wrote: > Hi Team, > > > > Just a gentle reminder about request for reproduction steps for > CVE-2023-5786. > > > > Your assistance would be greatly appreciated. > > > > Best regards, > > Nisha Rani > > > > *From:* Madhu <mad...@india.nec.com> > *Sent:* Wednesday, June 5, 2024 4:22 PM > *To:* geoserver-users@lists.sourceforge.net > *Cc:* Chandradeep Kumar <chandradeep.ku...@india.nec.com>; Nisha Rani < > nisha.r...@india.nec.com> > *Subject:* Query regarding the reproduction steps of vulnerability > CVE-2023-5786 > > > > Hi Team, > > > > I have checked this vulnerability and trying to reproduce the > vulnerability. But I could not found any reproduction steps for this > vulnerability. > > > > [Query] > > Please provide reproduction steps for this vulnerability. > > > > Vulnerability Link: *https://nvd.nist.gov/vuln/detail/CVE-2023-5786* > <https://nvd.nist.gov/vuln/detail/CVE-2023-5786> > > > > Thanks & Regards, > > Madhu > > > > The contents of this e-mail and any attachment(s) are confidential and > intended for the named recipient(s) only. > It shall not attach any liability on the originator or NEC Corporation > India Private Limited or its affiliates. > Any views or opinions presented in this email are solely those of the > author and may not necessarily reflect the opinions of NEC Corporation > India Private Limited or its affiliates. > Any form of reproduction, dissemination, copying, disclosure, > modification, distribution and / or publication of this message without the > prior written consent of the author of this e-mail is strictly prohibited. > If you have received this email in error please delete it and notify the > sender immediately. > _______________________________________________ > Geoserver-users mailing list > > Please make sure you read the following two resources before posting to > this list: > - Earning your support instead of buying it, but Ian Turton: > http://www.ianturton.com/talks/foss4g.html#/ > - The GeoServer user list posting guidelines: > http://geoserver.org/comm/userlist-guidelines.html > > If you want to request a feature or an improvement, also see this: > https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer > > > Geoserver-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geoserver-users >
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
