[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Aug 23 11:27:09 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
55b8bbbf by Moritz Muehlenhoff at 2024-08-23T12:26:02+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -69,7 +69,7 @@ CVE-2024-8076 (A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B2023
 CVE-2024-8075 (A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B2023 ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2024-8041 (A Denial of Service (DoS) issue has been discovered in GitLab CE/EE af ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-7848 (The User Private Files \u2013 WordPress File Sharing Plugin plugin for ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7778 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...)
@@ -77,11 +77,11 @@ CVE-2024-7778 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to
 CVE-2024-7634 (NGINX Agent's "config_dirs" restriction feature allows a highly privil ...)
 	NOT-FOR-US: NGINX Agent
 CVE-2024-7110 (An issue was discovered in GitLab EE affecting all versions starting 1 ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-6870 (The Responsive Lightbox & Gallery plugin for WordPress is vulnerable t ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-6502 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-45201 (An issue was discovered in llama_index before 0.10.38. download/integr ...)
 	NOT-FOR-US: llama_index
 CVE-2024-45193 (An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The ...)
@@ -140,7 +140,7 @@ CVE-2024-42418 (Avtec Outpost uses a default cryptographic key that can be used
 CVE-2024-40884 (Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly  ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2024-3127 (An issue has been discovered in GitLab EE affecting all versions start ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-39776 (Avtec Outpost stores sensitive information in an insecure location wit ...)
 	NOT-FOR-US: Avtec Outpost
 CVE-2024-39746 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55b8bbbfc60312b310cd784e30cf34185452dc73

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55b8bbbfc60312b310cd784e30cf34185452dc73
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240823/719c58dd/attachment.htm>

More information about the debian-security-tracker-commits mailing list