[Git][security-tracker-team/security-tracker][master] Process some mattermost CVEs, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 22 21:58:52 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3fc7d0e6 by Salvatore Bonaccorso at 2024-08-22T22:57:39+02:00
Process some mattermost CVEs, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,7 +33,7 @@ CVE-2024-43787 (Hono is a Web application framework that provides support for an
 CVE-2024-43785 (gitoxide An idiomatic, lean, fast & safe pure Rust implementation of G ...)
 	TODO: check
 CVE-2024-43780 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-43398 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS ...)
 	TODO: check
 CVE-2024-43331 (Missing Authorization vulnerability in VeronaLabs WP SMS.This issue af ...)
@@ -61,13 +61,13 @@ CVE-2024-42767 (Kashipara Hotel Management System v1.0 is vulnerable to Unrestri
 CVE-2024-42599 (SeaCMS 13.0 has a remote code execution vulnerability. The reason for  ...)
 	TODO: check
 CVE-2024-42497 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0,  ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-42490 (authentik is an open-source Identity Provider. Several API endpoints c ...)
 	TODO: check
 CVE-2024-42418 (Avtec Outpost uses a default cryptographic key that can be used to dec ...)
 	TODO: check
 CVE-2024-40884 (Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly  ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-3127 (An issue has been discovered in GitLab EE affecting all versions start ...)
 	TODO: check
 CVE-2024-39776 (Avtec Outpost stores sensitive information in an insecure location wit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3fc7d0e607ce718ff4e6e69b496a1ccc60d69c8c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3fc7d0e607ce718ff4e6e69b496a1ccc60d69c8c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240822/4fea9278/attachment.htm>

More information about the debian-security-tracker-commits mailing list