[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Apr 26 07:26:48 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b2104f73 by Moritz Muehlenhoff at 2024-04-26T08:26:21+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49,9 +49,9 @@ CVE-2024-4077 (Improper Neutralization of Input During Web Page Generation ('Cro
 CVE-2024-4035 (The Photo Gallery \u2013 GT3 Image Gallery & Gutenberg Block Gallery p ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4024 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-4006 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-3994 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-3733 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
@@ -99,9 +99,9 @@ CVE-2024-30890 (Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an a
 CVE-2024-30560 (Cross-Site Request Forgery (CSRF) vulnerability in \u5927\u4fa0WP DX-W ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-2829 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-2434 (An issue has been discovered in GitLab affecting all versions of GitLa ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-29660 (Cross Site Scripting vulnerability in DedeCMS v.5.7 allows a local att ...)
 	NOT-FOR-US: DedeCMS
 CVE-2024-28241 (The GLPI Agent is a generic management agent. Prior to version 1.7.2,  ...)
@@ -127,7 +127,7 @@ CVE-2024-22373 (An out-of-bounds write vulnerability exists in the JPEG2000Codec
 CVE-2024-22144 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
 	TODO: check
 CVE-2024-1347 (An issue has been discovered in GitLab CE/EE affecting all versions be ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2023-52220 (Missing Authorization vulnerability in MonsterInsights Google Analytic ...)
 	TODO: check
 CVE-2023-51484 (Improper Authentication vulnerability in wp-buy Login as User or Custo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2104f734959ca6ff2836d8ec1b416d0c362f741

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2104f734959ca6ff2836d8ec1b416d0c362f741
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240426/dac7b14a/attachment.htm>

More information about the debian-security-tracker-commits mailing list