-
-
Notifications
You must be signed in to change notification settings - Fork 906
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2023-41040: Blind local file inclusion #1638
Comments
This comment was marked as resolved.
This comment was marked as resolved.
I went ahead and updated the versions in the local advisories. The global advisories, one is being updated at github/advisory-database#2695, for the other one I can suggest an update at github/advisory-database#2690. |
@EliahKagan I created a PR with a possible fix for the issue |
It looks like the GitHub advisory was updated with the patched version information. However, the repository advisory does not show the patched version information (not sure why there is a difference). |
Updated 👍 There are two types of advisories, local and global, GitHub updates the global ones, and maintainers (and looks like reporters too) can update the local ones. |
This issue is for tracking the public vulnerability CVE-2023-41040:
Further details, including example code, are in CVE-2023-41040.
(I'm opening this issue based on the idea in #1635 (comment) that it's useful to have issues for these. This CVE has been mentioned in #1635, but if #1636 is merged then #1635 may be closed. #1636 fixes CVE-2023-40590 but does not also fix CVE-2023-41040.)
The text was updated successfully, but these errors were encountered: