[Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jun 6 08:32:12 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
57385cf1 by Moritz Muehlenhoff at 2023-06-06T09:15:40+02:00
new gitlab issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2023-2589
+ - gitlab <not-affected> (Specific to EE)
+CVE-2023-2485
+ - gitlab <unfixed>
CVE-2023-3111 [btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()]
- linux 5.19.6-1
NOTE: https://git.kernel.org/linus/85f02d6c856b9f3a0acf5219de6e32f58b9778eb (6.0-rc2)
@@ -3969,8 +3973,10 @@ CVE-2023-2200
RESERVED
CVE-2023-2199
RESERVED
+ - gitlab <unfixed>
CVE-2023-2198
RESERVED
+ - gitlab <unfixed>
CVE-2023-30912
RESERVED
CVE-2023-30911
@@ -4414,6 +4420,7 @@ CVE-2023-2133 (Out of bounds memory access in Service Worker API in Google Chrom
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-2132
RESERVED
+ - gitlab <unfixed>
CVE-2023-2131 (Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS co ...)
NOT-FOR-US: INEA ME RTU firmware
CVE-2023-2130 (A vulnerability classified as critical has been found in SourceCodeste ...)
@@ -5164,10 +5171,12 @@ CVE-2023-2016
RESERVED
CVE-2023-2015
RESERVED
+ - gitlab <unfixed>
CVE-2023-2014 (Cross-site Scripting (XSS) - Generic in GitHub repository microweber/m ...)
NOT-FOR-US: microweber
CVE-2023-2013
RESERVED
+ - gitlab <unfixed>
CVE-2023-2012
RESERVED
CVE-2022-48468 (protobuf-c before 1.4.1 has an unsigned integer overflow in parse_requ ...)
@@ -5369,6 +5378,7 @@ CVE-2023-2002 (A vulnerability was found in the HCI sockets implementation due t
NOTE: Hardening: https://lore.kernel.org/linux-bluetooth/20230416080251.7717-1-lrh2000@pku.edu.cn/
CVE-2023-2001
RESERVED
+ - gitlab <unfixed>
CVE-2023-2000 (Mattermost Desktop App fails to validate a mattermost server redirecti ...)
NOT-FOR-US: Mattermost Desktop App
CVE-2023-1999
@@ -8680,6 +8690,7 @@ CVE-2023-1826 (A vulnerability, which was classified as critical, was found in S
NOT-FOR-US: SourceCodester Online Computer and Laptop Store
CVE-2023-1825
RESERVED
+ - gitlab <not-affected> (Specific to EE)
CVE-2022-48435 (In JetBrains PhpStorm before 2023.1 source code could be logged in the ...)
NOT-FOR-US: JetBrains PhpStorm
CVE-2023-29233
@@ -18288,6 +18299,7 @@ CVE-2023-0922 (The Samba AD DC administration tool, when operating against a rem
NOTE: https://www.samba.org/samba/security/CVE-2023-0922.html
CVE-2023-0921
RESERVED
+ - gitlab <unfixed>
CVE-2022-48330
RESERVED
CVE-2023-26101 (In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user ...)
@@ -23135,6 +23147,7 @@ CVE-2023-0509 (Improper Certificate Validation in GitHub repository pyload/pyloa
- pyload <itp> (bug #1001980)
CVE-2023-0508
RESERVED
+ - gitlab <unfixed>
CVE-2020-36657 (uptimed before 0.4.6-r1 on Gentoo allows local users (with access to t ...)
- uptimed <not-affected> (Gentoo-specific)
CVE-2018-25078 (man-db before 2.8.5 on Gentoo allows local users (with access to the m ...)
@@ -28291,6 +28304,7 @@ CVE-2023-0122 (A NULL pointer dereference vulnerability in the Linux kernel NVMe
- linux <not-affected> (Vulnerable code not present in any released Debian version)
CVE-2023-0121
RESERVED
+ - gitlab <unfixed>
CVE-2023-0120
RESERVED
CVE-2023-0119
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57385cf1e6c048ad85079c90b6ad8feec06b0788
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57385cf1e6c048ad85079c90b6ad8feec06b0788
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230606/62f20f3f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list