[Git][security-tracker-team/security-tracker][master] new gitlab-runner issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f128db1 by Moritz Muehlenhoff at 2022-07-27T13:04:47+02:00
new gitlab-runner issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63732,7 +63732,7 @@ CVE-2021-39949
 CVE-2021-39948
 	RESERVED
 CVE-2021-39947 (In specific circumstances, trace file buffers in GitLab Runner version ...)
-	TODO: check
+	- gitlab-ci-multi-runner <unfixed>
 CVE-2021-39946 (Improper neutralization of user input in GitLab CE/EE versions 14.3 to ...)
 	- gitlab <unfixed>
 CVE-2021-39945 (Improper access control in the GitLab CE/EE API affecting all versions ...)
@@ -430296,8 +430296,7 @@ CVE-2014-3650 (Multiple persistent cross-site scripting (XSS) flaws were found i
 CVE-2014-3649 (JBoss AeroGear has reflected XSS via the password field ...)
 	NOT-FOR-US: JBoss AeroGear
 CVE-2014-3648 (The simplepush server iterates through the application installations a ...)
-	NOTE: https://issues.redhat.com/browse/AEROGEAR-6091 (private)
-	TODO: check, if more information becomes available.
+	NOT-FOR-US: JBoss AeroGear
 CVE-2014-3647 (arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel throug ...)
 	{DSA-3060-1}
 	- linux 3.16.7-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f128db1e45fb7d9e5ddb6f5c1278c1c204e8e99

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f128db1e45fb7d9e5ddb6f5c1278c1c204e8e99
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220727/29838766/attachment.htm>