[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 17 09:05:30 GMT 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
86e3f40c by Moritz Muehlenhoff at 2023-01-17T10:05:04+01:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11822,7 +11822,7 @@ CVE-2022-4169 (The Theme and plugin translation for Polylang is vulnerable to au
 CVE-2022-4168
 	REJECTED
 CVE-2022-4167 (Incorrect Authorization check affecting all versions of GitLab EE from ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2022-4166 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4165 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery  ...)
@@ -12619,7 +12619,7 @@ CVE-2022-45802
 CVE-2022-45801
 	RESERVED
 CVE-2022-4131 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2022-4130 (A blind site-to-site request forgery vulnerability was found in Satell ...)
 	NOT-FOR-US: Red Hat Satellite server
 CVE-2022-4129 (A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2T ...)
@@ -13545,7 +13545,7 @@ CVE-2022-4039
 CVE-2022-4038
 	RESERVED
 CVE-2022-4037 (An issue has been discovered in GitLab CE/EE affecting all versions be ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2022-45459
 	RESERVED
 CVE-2022-45458
@@ -15669,7 +15669,7 @@ CVE-2022-41610
 CVE-2022-3871
 	RESERVED
 CVE-2022-3870 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2022-44783
 	RESERVED
 CVE-2022-44782
@@ -21996,7 +21996,7 @@ CVE-2022-3615
 CVE-2022-3614 (In affected versions of Octopus Deploy users of certain browsers using ...)
 	NOT-FOR-US: Octopus Deploy
 CVE-2022-3613 (An issue has been discovered in GitLab CE/EE affecting all versions be ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2022-3612
 	RESERVED
 CVE-2022-3611
@@ -22236,7 +22236,7 @@ CVE-2022-3575 (Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8
 CVE-2022-3574 (The WPForms Pro WordPress plugin before 1.7.7 does not validate its fo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3573 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2022-3572
 	RESERVED
 	- gitlab <unfixed>
@@ -23458,7 +23458,7 @@ CVE-2022-3515 (A vulnerability was found in the Libksba library due to an intege
 	NOTE: https://dev.gnupg.org/T6230
 	NOTE: https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b
 CVE-2022-3514 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2022-3513
 	RESERVED
 CVE-2022-3512 (Using warp-cli command "add-trusted-ssid", a user was able to disconne ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86e3f40c0f54630af601338626b29ae04ad3ebbb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86e3f40c0f54630af601338626b29ae04ad3ebbb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230117/9251711e/attachment.htm>


More information about the debian-security-tracker-commits mailing list