[Git][security-tracker-team/security-tracker][master] Process some CVEs in mattermost-server, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 15 20:42:28 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08dcd2d5 by Salvatore Bonaccorso at 2024-03-15T21:41:49+01:00
Process some CVEs in mattermost-server, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2024-2488 (A vulnerability was found in Tenda AC18 15.03.05.05. It has been
 CVE-2024-2487 (A vulnerability was found in Tenda AC18 15.03.05.05. It has been decla ...)
 	NOT-FOR-US: Tenda
 CVE-2024-2450 (Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x bef ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-2446 (Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x bef ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-2445 (Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-28854 (tls-listener is a rust lang wrapper around a connection listener to su ...)
 	TODO: check
 CVE-2024-28851 (The Snowflake Hive metastore connector provides an easy way to query H ...)
@@ -47,7 +47,7 @@ CVE-2024-28252 (CoreWCF is a port of the service side of Windows Communication F
 CVE-2024-28242 (Discourse is an open source platform for community discussion. In affe ...)
 	NOT-FOR-US: Discourse
 CVE-2024-28053 (Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10  ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-27987 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-27920 (projectdiscovery/nuclei is a fast and customisable vulnerability scann ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08dcd2d52f3ac42643f319da0e439b77a8dbe44e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08dcd2d52f3ac42643f319da0e439b77a8dbe44e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240315/8fb142af/attachment.htm>

More information about the debian-security-tracker-commits mailing list