[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Aug 2 08:29:08 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b2f25c92 by Moritz Mühlenhoff at 2023-08-02T09:28:41+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2023-4008
+	- gitlab <unfixed>
+CVE-2023-4011
+	- gitlab <not-affected> (Specific to EE)
+CVE-2023-4002
+	- gitlab <not-affected> (Specific to EE)
+CVE-2023-3993
+	- gitlab <not-affected> (Specific to EE)
+CVE-2023-3994
+	- gitlab <unfixed>
+CVE-2023-3900
+	- gitlab <unfixed>
+CVE-2023-3500
+	- gitlab <unfixed>
+CVE-2023-3401
+	- gitlab <unfixed>
+CVE-2023-3385
+	- gitlab <unfixed>
+CVE-2023-3364
+	- gitlab <unfixed>
 CVE-2023-3301 [net: triggerable assertion due to race condition in hot-unplug]
 	- qemu 1:8.0.3+dfsg-1
 	NOTE: https://github.com/qemu/qemu/commit/a0d7215e339b61c7d7a7b3fcf754954d80d93eb8 (v8.1.0-rc0)
@@ -11241,6 +11261,7 @@ CVE-2023-2165
 	RESERVED
 CVE-2023-2164
 	RESERVED
+	- gitlab <unfixed>
 CVE-2023-2163 [bpf: Fix incorrect verifier pruning due to missing register precision taints]
 	RESERVED
 	- linux 6.1.27-1
@@ -12121,6 +12142,7 @@ CVE-2023-2023 (The Custom 404 Pro WordPress plugin before 3.7.3 does not escape
 	NOT-FOR-US: WordPress plugin
 CVE-2023-2022
 	RESERVED
+	- gitlab <unfixed>
 CVE-2023-2021 (Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassn ...)
 	- teampass <itp> (bug #730180)
 CVE-2023-2020 (Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2 ...)
@@ -20770,6 +20792,7 @@ CVE-2023-1211 (SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.
 	- phpipam <itp> (bug #731713)
 CVE-2023-1210
 	RESERVED
+	- gitlab <unfixed>
 CVE-2023-1209 (Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records ...)
 	NOT-FOR-US: ServiceNow
 CVE-2023-1208 (This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary dat ...)
@@ -28989,6 +29012,7 @@ CVE-2023-0633
 	RESERVED
 CVE-2023-0632
 	RESERVED
+	- gitlab <unfixed>
 CVE-2023-0631 (The Paid Memberships Pro WordPress plugin before 2.9.12 does not preve ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0630 (The Slimstat Analytics WordPress plugin before 4.9.3.3 does not preven ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2f25c924d9249107ba2d7e4d72455aab0cd9930

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2f25c924d9249107ba2d7e4d72455aab0cd9930
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230802/e06a941c/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list