[Git][security-tracker-team/security-tracker][master] Add new CVEs for mattermost-server

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 5 21:44:10 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6d66ad4b by Salvatore Bonaccorso at 2024-04-05T22:39:57+02:00
Add new CVEs for mattermost-server

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,7 +35,7 @@ CVE-2024-31213 (InstantCMS is a free and open source content management system.
 CVE-2024-2499 (The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vul ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-2447 (Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x bef ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-2380 (Stored XSS in graph rendering in Checkmk <2.3.0b4.)
 	TODO: check
 CVE-2024-2312 (GRUB2 does not call the module fini functions on exit, leading to Debi ...)
@@ -89,9 +89,9 @@ CVE-2024-29739 (In tmu_get_temp_lut of tmu.c, there is a possible out of bounds
 CVE-2024-29738 (In gov_init, there is a possible out of bounds read due to a missing b ...)
 	NOT-FOR-US: Android
 CVE-2024-29221 (Improper Access Control in Mattermost Server versions 9.5.x before 9.5 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-28949 (Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-28065 (In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and co ...)
 	NOT-FOR-US: Unify CP IP Phone firmware
 CVE-2024-27232 (In asn1_ec_pkey_parse of asn1_common.c, there is a possible OOB read d ...)
@@ -101,7 +101,7 @@ CVE-2024-27231 (In tmu_get_tr_stats of tmu.c, there is a possible out of bounds
 CVE-2024-22004 (Due to length check, an attacker with privilege access on a Linux Nons ...)
 	TODO: check
 CVE-2024-21848 (Improper Access Control in Mattermost Server versions 8.1.x before 8.1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-0081 (NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr ...)
 	TODO: check
 CVE-2024-0080 (NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability w ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d66ad4ba491b105b758dee6b5abcddffb9d7265

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d66ad4ba491b105b758dee6b5abcddffb9d7265
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240405/d3b5ba1f/attachment.htm>

More information about the debian-security-tracker-commits mailing list