-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Updated at 20240106071538 Signed-off-by: bitnami-bot <[email protected]>
- Loading branch information
1 parent
66f13cf
commit a04478f
Showing
9 changed files
with
151 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| { | ||
| "schema_version": "1.5.0", | ||
| "id": "BIT-mattermost-2023-7113", | ||
| "details": "Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.", | ||
| "aliases": [ | ||
| "CVE-2023-7113" | ||
| ], | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "ecosystem": "Bitnami", | ||
| "name": "mattermost", | ||
| "purl": "pkg:bitnami/mattermost" | ||
| }, | ||
| "severity": [ | ||
| { | ||
| "type": "CVSS_V3", | ||
| "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" | ||
| } | ||
| ], | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "8.1.7" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "severity": "Medium", | ||
| "cpes": [ | ||
| "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*" | ||
| ] | ||
| }, | ||
| "references": [ | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://mattermost.com/security-updates" | ||
| } | ||
| ], | ||
| "published": "2024-01-06T07:20:54.357Z", | ||
| "modified": "2024-01-06T07:45:08.159Z" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| { | ||
| "schema_version": "1.5.0", | ||
| "id": "BIT-sqlite-2023-7104", | ||
| "details": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", | ||
| "aliases": [ | ||
| "CVE-2023-7104" | ||
| ], | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "ecosystem": "Bitnami", | ||
| "name": "sqlite", | ||
| "purl": "pkg:bitnami/sqlite" | ||
| }, | ||
| "severity": [ | ||
| { | ||
| "type": "CVSS_V3", | ||
| "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" | ||
| } | ||
| ], | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "3.43.0" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "severity": "Critical", | ||
| "cpes": [ | ||
| "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*" | ||
| ] | ||
| }, | ||
| "references": [ | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://sqlite.org/forum/forumpost/5bcbf4571c" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://sqlite.org/src/info/0e4e7a05c4204b47" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://vuldb.com/?ctiid.248999" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://vuldb.com/?id.248999" | ||
| } | ||
| ], | ||
| "published": "2024-01-06T07:29:11.558Z", | ||
| "modified": "2024-01-06T07:45:08.159Z" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters