[Git][security-tracker-team/security-tracker][master] Add three new glpi issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 6 20:15:25 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb5225ab by Salvatore Bonaccorso at 2023-07-06T21:14:53+02:00
Add three new glpi issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -48,15 +48,21 @@ CVE-2023-36821 (Uptime Kuma, a self-hosted monitoring tool, allows an authentica
 CVE-2023-36809 (Kiwi TCMS, an open source test management system allows users to uploa ...)
 	NOT-FOR-US: Kiwi TCMS
 CVE-2023-36808 (GLPI is a free asset and IT management software package. Starting in v ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-vf5h-jh9q-2gjm
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-36458 (1Panel is an open source Linux server operation and maintenance manage ...)
 	NOT-FOR-US: 1Panel
 CVE-2023-36457 (1Panel is an open source Linux server operation and maintenance manage ...)
 	NOT-FOR-US: 1Panel
 CVE-2023-35940 (GLPI is a free asset and IT management software package. Starting in v ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-qrh8-rg45-45fw
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-35939 (GLPI is a free asset and IT management software package. Starting in v ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-cjcx-pwcx-v34c
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-35936 (Pandoc is a Haskell library for converting from one markup format to a ...)
 	TODO: check
 CVE-2023-3515 (Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb5225ab42626cf6edaeab7710e9c9cd483f195f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb5225ab42626cf6edaeab7710e9c9cd483f195f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230706/e4514aa7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list