Debian Security Update DSA-5541-1 request-tracker5 - security update

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
30
Reaction score
10
Credits
0
Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system.
CVE-2023-41259
Tom Wolters reported that Request Tracker is vulnerable to accepting unvalidated RT email headers in incoming email and the mail-gateway REST interface.
CVE-2023-41260
Tom Wolters reported that Request Tracker is vulnerable to information leakage via response messages returned from requests sent via the mail-gateway REST interface.
CVE-2023-45024
It was reported that Request Tracker is vulnerable to information leakage via transaction searches made by authenticated users in the transaction query builder.
https://security-tracker.debian.org/tracker/DSA-5541-1

Continue reading...
 
You must log in or register to reply here.

Members online

Total: 616 (members: 2, guests: 614)

Latest posts

Top