[Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Apr 6 16:55:42 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
200ce118 by Moritz Mühlenhoff at 2023-04-06T17:54:53+02:00
new gitlab issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -825,7 +825,7 @@ CVE-2023-1789 (Improper Input Validation in GitHub repository firefly-iii/firefl
CVE-2023-1788 (Insufficient Session Expiration in GitHub repository firefly-iii/firef ...)
NOT-FOR-US: firefly-iii
CVE-2023-1787 (An issue has been discovered in GitLab affecting all versions starting ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2023-1786
RESERVED
CVE-2023-1785 (A vulnerability was found in SourceCodester Earnings and Expense Track ...)
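Review bot: The new "- gitlab <unfixed>" line for CVE-2023-1787 has no accompanying NOTE pointing at the upstream advisory or the fixed upstream version, and the description shown is truncated before the affected version range ("affecting all versions starting ..."). A NOTE line with the upstream reference would let whoever triages the individual suites confirm which packaged versions are in range without looking the advisory up again.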
@@ -1179,7 +1179,7 @@ CVE-2023-1735 (A vulnerability classified as critical was found in SourceCodeste
CVE-2023-1734 (A vulnerability classified as critical has been found in SourceCodeste ...)
NOT-FOR-US: SourceCodester Young Entrepreneur E-Negosyo System
CVE-2023-1733 (A denial of service condition exists in the Prometheus server bundled ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2023-1732
RESERVED
CVE-2023-1731
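Review bot: For CVE-2023-1733 the description places the denial of service in "the Prometheus server bundled ..." rather than in GitLab's own code, yet the entry is recorded as "- gitlab <unfixed>". Please confirm that the Debian gitlab source package actually ships that bundled component and record the finding in a NOTE; if it does not, the status should reflect that instead of <unfixed>.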
@@ -1247,7 +1247,7 @@ CVE-2023-29023
CVE-2023-29022
RESERVED
CVE-2023-1710 (A sensitive information disclosure vulnerability in GitLab affecting a ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2023-1709
RESERVED
CVE-2023-29021
@@ -1386,7 +1386,7 @@ CVE-2023-28960
CVE-2023-28959
RESERVED
CVE-2023-1708 (An issue was identified in GitLab CE/EE affecting all versions from 1. ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2023-1707
RESERVED
CVE-2023-1706
@@ -3412,7 +3412,7 @@ CVE-2023-1419
CVE-2023-1418 (A vulnerability classified as problematic was found in SourceCodester ...)
NOT-FOR-US: SourceCodester Friendly Island Pizza Website and Ordering System
CVE-2023-1417 (An issue has been discovered in GitLab affecting all versions starting ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2023-1416 (A vulnerability classified as critical has been found in Simple Art Ga ...)
NOT-FOR-US: Simple Art Gallery
CVE-2023-1415 (A vulnerability was found in Simple Art Gallery 1.0. It has been decla ...)
@@ -6051,7 +6051,7 @@ CVE-2015-10089 (A vulnerability classified as problematic has been found in flam
CVE-2023-1168 (An authenticated remote code execution vulnerability exists in the AOS ...)
NOT-FOR-US: HPE
CVE-2023-1167 (Improper authorization in Gitlab EE affecting all versions from 12.3.0 ...)
- TODO: check
+ - gitlab <not-affected> (Specific to EE)
CVE-2023-1166
RESERVED
CVE-2022-4929 (A vulnerability was found in icplayer up to 0.818. It has been rated a ...)
@@ -6794,7 +6794,7 @@ CVE-2023-23554 (Uncontrolled search path element vulnerability exists in pg_ivm
CVE-2023-22847 (Information disclosure vulnerability exists in pg_ivm versions prior t ...)
NOT-FOR-US: pg_ivm
CVE-2023-1098 (An information disclosure vulnerability has been discovered in GitLab ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2023-1097 (Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vu ...)
NOT-FOR-US: Baicells EG7035-M11 devices
CVE-2023-1096
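Review bot: CVE-2023-1098 is marked "- gitlab <unfixed>" while its description is cut off after "discovered in GitLab ...", so the affected edition is not visible in this entry. The same commit records CVE-2023-1167 as <not-affected> with the reason "Specific to EE"; a short NOTE stating that this issue also applies to CE would make the differing outcomes easy to verify later.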
@@ -6954,7 +6954,7 @@ CVE-2023-1073 (A memory corruption flaw was found in the Linux kernel’s hu
CVE-2023-1072 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
CVE-2023-1071 (An issue has been discovered in GitLab affecting all versions from 15. ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2023-1070 (External Control of File Name or Path in GitHub repository nilsteampas ...)
- teampass <itp> (bug #730180)
CVE-2023-1069 (The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPre ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/200ce118a6bc624e8074550bb02a75d735eccd97