[Git][security-tracker-team/security-tracker][master] Add some new additional glpi issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 26 19:40:44 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fac474d6 by Salvatore Bonaccorso at 2023-01-26T20:40:08+01:00
Add some new additional glpi issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5179,11 +5179,15 @@ CVE-2023-22725 (GLPI is a Free Asset and IT Management Software package. Version
 	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-f5g6-fxrw-pfj7
 	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-22724 (GLPI is a Free Asset and IT Management Software package. Versions prio ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-x9g4-j85w-cmff
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-22723
 	RESERVED
 CVE-2023-22722 (GLPI is a Free Asset and IT Management Software package. Versions 9.4. ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-352j-wr38-493c
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-22721 (Auth. Stored Cross-Site Scripting (XSS) in Oi Yandex.Maps for WordPres ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-22720
@@ -6112,7 +6116,9 @@ CVE-2021-46870
 CVE-2021-46869
 	RESERVED
 CVE-2023-22500 (GLPI is a Free Asset and IT Management Software package. Versions 10.0 ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-3ghv-p34r-5ghx
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-22499 (Deno is a runtime for JavaScript and TypeScript that uses V8 and is bu ...)
 	NOT-FOR-US: Deno
 CVE-2023-22498



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fac474d6b04ade123bfa9eda110207f8213dd97b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fac474d6b04ade123bfa9eda110207f8213dd97b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230126/3491d664/attachment.htm>

More information about the debian-security-tracker-commits mailing list