[Git][security-tracker-team/security-tracker][master] new ansible issue (sparse information)
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 63495bfa by Moritz Muehlenhoff at 2023-08-25T12:33:15+02:00 new ansible issue (sparse information) - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,6 @@ +CVE-2023-4380 + - ansible + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2232324 CVE-2023-4420 (A remote unprivileged attacker can intercept the communication via e.g ...) NOT-FOR-US: SICK LMS5xx CVE-2023-4419 (The LMS5xx uses hard-coded credentials, which potentially allow low-sk ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63495bfac8d9971e38b34ea5a1377469714a96d6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63495bfac8d9971e38b34ea5a1377469714a96d6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new ansible issue
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 7bc9b362 by Moritz Muehlenhoff at 2021-06-27T17:48:53+02:00 new ansible issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -28,6 +28,9 @@ CVE-2021-3621 RESERVED CVE-2021-3620 RESERVED + - ansible + - ansible-base + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975767 CVE-2021-35500 RESERVED CVE-2021-35499 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bc9b362e737e31f4d74611aebbaa19291797117 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bc9b362e737e31f4d74611aebbaa19291797117 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new ansible issue
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 651df17f by Moritz Muehlenhoff at 2020-05-15T09:22:36+02:00 new ansible issue new pip non issue new issue in ITPd kibana NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -6459,8 +6459,11 @@ CVE-2020-10745 RESERVED CVE-2020-10744 RESERVED + - ansible + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1835566 CVE-2020-10743 RESERVED + - kibana (bug #700337) CVE-2020-10742 RESERVED - linux @@ -32410,6 +32413,7 @@ CVE-2020-1162 RESERVED CVE-2020-1161 RESERVED + NOT-FOR-US: Microsoft .NET CVE-2020-1160 RESERVED CVE-2020-1159 @@ -32516,6 +32520,7 @@ CVE-2020-1109 RESERVED CVE-2020-1108 RESERVED + NOT-FOR-US: Microsoft .NET CVE-2020-1107 RESERVED CVE-2020-1106 @@ -80309,7 +80314,9 @@ CVE-2018-20227 (RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a CVE-2018-20226 (An organization administrator can add a super administrator in THEHIVE ...) NOT-FOR-US: THEHIVE CVE-2018-20225 (An issue was discovered in pip (all versions) because it installs the ...) - TODO: check + - python-pip (unimportant) + NOTE: https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html + NOTE: pip is inherently affected by malicious packages, use packages from Debian instead :-) CVE-2018-20224 RESERVED CVE-2018-20223 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/651df17fbe481dd8249c09fc89081120f70ab2c7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/651df17fbe481dd8249c09fc89081120f70ab2c7 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new ansible issue
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 41b9ef6c by Moritz Muehlenhoff at 2018-10-24T09:58:39Z new ansible issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -4311,7 +4311,8 @@ CVE-2018-16839 CVE-2018-16838 RESERVED CVE-2018-16837 (Ansible "User" module leaks any data which is passed on as a parameter ...) - TODO: check + - ansible + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837 CVE-2018-16836 (Rubedo through 3.4.0 contains a Directory Traversal vulnerability in ...) NOT-FOR-US: Rubedo CMS CVE-2018-16835 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/41b9ef6c4a3a53a725b1027f1b84c2bd9f6b7ec9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/41b9ef6c4a3a53a725b1027f1b84c2bd9f6b7ec9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
