[Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Dec 1 10:44:45 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d551abbc by Moritz Muehlenhoff at 2022-12-01T11:44:16+01:00
new gitlab issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -180,8 +180,10 @@ CVE-2022-4207
RESERVED
CVE-2022-4206
RESERVED
+ - gitlab <unfixed>
CVE-2022-4205
RESERVED
+ - gitlab <unfixed>
CVE-2022-4204
RESERVED
CVE-2022-4203
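Review bot: the two lines added under CVE-2022-4206 and CVE-2022-4205 have no reference recorded next to them, and both ids are still RESERVED with no description, so the file itself gives no way to check that they belong to gitlab. A NOTE: line with the upstream advisory or issue URL under each entry, in the form other entries in this file already use, would make the assignment verifiable.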
@@ -276,6 +278,7 @@ CVE-2022-42489
RESERVED
CVE-2022-4201
RESERVED
+ - gitlab <unfixed>
CVE-2022-4200
RESERVED
CVE-2022-4199
@@ -2312,6 +2315,7 @@ CVE-2022-4055 (When xdg-mail is configured to use thunderbird for mailto URLs, i
NOTE: https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205#note_1494267
CVE-2022-4054
RESERVED
+ - gitlab <unfixed>
CVE-2022-45462 (Alarm instance management has command injection when there is a specif ...)
NOT-FOR-US: Apache DolphinScheduler
CVE-2022-45461 (The Java Admin Console in Veritas NetBackup through 10.1 and related V ...)
@@ -3792,6 +3796,7 @@ CVE-2022-3903 (An incorrect read request flaw was found in the Infrared Transcei
[bullseye] - linux 5.10.148-1
CVE-2022-3902
RESERVED
+ - gitlab <unfixed>
CVE-2022-3901
RESERVED
CVE-2022-3900
@@ -5960,6 +5965,7 @@ CVE-2022-3821 (An off-by-one Error issue was discovered in Systemd in format_tim
NOTE: https://github.com/systemd/systemd-stable/commit/72d4c15a946d20143cd4c6783c802124bc894dc7 (v251.3)
CVE-2022-3820
RESERVED
+ - gitlab <unfixed>
CVE-2022-3819 (An improper authorization issue in GitLab CE/EE affecting all versions ...)
- gitlab <unfixed>
CVE-2022-3818 (An uncontrolled resource consumption issue when parsing URLs in GitLab ...)
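Review bot: the `- gitlab <unfixed>` added under CVE-2022-3820 carries no version and no per-suite annotation, the same as the existing CVE-2022-3819 entry directly below it. That is reasonable while the id is RESERVED, but the entry should be revisited once the description is published so that a fixed version or a suite line of the `[bullseye] - ...` form used elsewhere in this file can be recorded.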
@@ -7504,6 +7510,7 @@ CVE-2022-3741 (Impact varies for each individual vulnerability in the applicatio
NOT-FOR-US: chatwoot
CVE-2022-3740
RESERVED
+ - gitlab <unfixed>
CVE-2022-3739
RESERVED
CVE-2022-3738
@@ -10941,6 +10948,7 @@ CVE-2022-3573
RESERVED
CVE-2022-3572
RESERVED
+ - gitlab <unfixed>
CVE-2022-3571
RESERVED
CVE-2022-3570 (Multiple heap buffer overflows in tiffcrop.c utility in libtiff librar ...)
@@ -12264,6 +12272,7 @@ CVE-2022-3483 (An issue has been discovered in GitLab CE/EE affecting all versio
- gitlab <unfixed>
CVE-2022-3482
RESERVED
+ - gitlab <unfixed>
CVE-2022-3481 (The WooCommerce Dropshipping WordPress plugin before 4.4 does not prop ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3480 (A remote, unauthenticated attacker could cause a denial-of-service of ...)
@@ -12311,6 +12320,7 @@ CVE-2022-42897 (Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows u
NOT-FOR-US: Array Networks
CVE-2022-3478
RESERVED
+ - gitlab <unfixed>
CVE-2022-42906 (powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbi ...)
- powerline-gitstatus 1.3.2-1
[bullseye] - powerline-gitstatus <no-dsa> (Minor issue)
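Review bot: the line added under CVE-2022-3478 is, like the other nine additions in this commit, explained only by the subject "new gitlab issues". Naming the GitLab release or advisory the ids were taken from in the commit message would let a later reader confirm all ten entries from one reference.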
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d551abbc90988474a2ab82d071070a2964845928