[Git][security-tracker-team/security-tracker][master] Process some gitlab CVE entries

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 12 12:50:39 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
401baba3 by Salvatore Bonaccorso at 2021-10-12T13:50:17+02:00
Process some gitlab CVE entries

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -48242,9 +48242,9 @@ CVE-2021-22266
 CVE-2021-22265
 	RESERVED
 CVE-2021-22264 (An issue has been discovered in GitLab affecting all versions starting ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2021-22263 (An issue has been discovered in GitLab affecting all versions starting ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2021-22262 (Missing access control in GitLab version 13.10 and above with Jira Clo ...)
 	TODO: check
 CVE-2021-22261 (A stored Cross-Site Scripting vulnerability in the Jira integration in ...)
@@ -48252,11 +48252,11 @@ CVE-2021-22261 (A stored Cross-Site Scripting vulnerability in the Jira integrat
 CVE-2021-22260
 	RESERVED
 CVE-2021-22259 (A potential DOS vulnerability was discovered in GitLab EE starting wit ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2021-22258 (The project import/export feature in GitLab 8.9 and greater could be u ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2021-22257 (An issue has been discovered in GitLab affecting all versions starting ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2021-22256 (Improper authorization in GitLab CE/EE affecting all versions since 12 ...)
 	- gitlab <unfixed>
 CVE-2021-22255 (SSRF in URL file upload in Baserow <1.1.0 allows remote authenticat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/401baba3347290cae383be818d4207714d0aed23

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/401baba3347290cae383be818d4207714d0aed23
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211012/7715bd80/attachment.htm>

More information about the debian-security-tracker-commits mailing list