[Git][security-tracker-team/security-tracker][master] Track new issues in mattermost-server, itp'ed
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 3 21:57:35 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bc08adcb by Salvatore Bonaccorso at 2024-07-03T22:57:00+02:00
Track new issues in mattermost-server, itp'ed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2024-6470 (A vulnerability was found in playSMS 1.4.3. It has been rated as
CVE-2024-6469 (A vulnerability was found in playSMS 1.4.3. It has been declared as pr ...)
NOT-FOR-US: playSMS
CVE-2024-6428 (Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9. ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-6427 (Uncontrolled Resource Consumption vulnerability in MESbook20221021.03 ...)
NOT-FOR-US: MESbook
CVE-2024-6426 (Information exposure vulnerability in MESbook 20221021.03 version, the ...)
@@ -25,15 +25,15 @@ CVE-2024-5672 (A high privileged remote attacker canexecute arbitrary system com
CVE-2024-3332 (A malicious BLE device can send a specific order of packet sequence to ...)
TODO: check
CVE-2024-39830 (Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-39807 (Mattermost versions 9.5.x <= 9.5.5 and 9.8.0fail to properly sanitize ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-39683 (ZITADEL is an open-source identity infrastructure tool. ZITADEL provid ...)
NOT-FOR-US: Zitadel
CVE-2024-39361 (Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-39353 (Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to sanitize the Remo ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-39248 (A cross-site scripting (XSS) vulnerability in SimpCMS v0.1 allows atta ...)
NOT-FOR-US: SimpCMS
CVE-2024-39223 (An authentication bypass in the SSH service of gost v2.11.5 allows att ...)
@@ -45,7 +45,7 @@ CVE-2024-37726 (Insecure Permissions vulnerability in Micro-Star International C
CVE-2024-37157 (Discourse is an open-source discussion platform. Prior to version 3.2. ...)
NOT-FOR-US: Discourse
CVE-2024-36257 (Mattermost versions 9.5.x <= 9.5.5 and 9.8.0,when using shared channel ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-36122 (Discourse is an open-source discussion platform. Prior to version 3.2. ...)
NOT-FOR-US: Discourse
CVE-2024-36113 (Discourse is an open-source discussion platform. Prior to version 3.2. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc08adcb3cc92f0831ae67c618e76e436c97dc85
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc08adcb3cc92f0831ae67c618e76e436c97dc85
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240703/bd8f9894/attachment.htm>
More information about the debian-security-tracker-commits
mailing list