Werk #15689: Dependency updates
| Component | Core & setup | ||||
| Title | Dependency updates | ||||
| Date | Jun 28, 2023 | ||||
| Level | Trivial Change | ||||
| Class | Security Fix | ||||
| Compatibility | Compatible - no manual interaction needed | ||||
| Checkmk versions & editions |
|
This Werk updates several dependencies such as openssl, various python dependencies, etc.
To our knowledge among the vulnerabilities fixed in those dependencies only CVE-2023-32681 could be exploited. This vulnerability could cause a Proxy-Authorization header leakage.
Vulnerability Management: We have rated the issue with a CVSS Score of 6.1 (Medium) with the following CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N.