[Git][security-tracker-team/security-tracker][master] Add some new glpi issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 18 20:26:27 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
951136a8 by Salvatore Bonaccorso at 2024-03-18T21:25:57+01:00
Add some new glpi issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49,11 +49,16 @@ CVE-2024-28537 (Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in th
CVE-2024-28039 (Improper restriction of XML external entity references vulnerability e ...)
TODO: check
CVE-2024-27937 (GLPI is a Free Asset and IT Management Software package, Data center m ...)
- TODO: check
+ - glpi <removed>
+ NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-98qw-hpg3-2hpj
+ NOTE: https://github.com/glpi-project/glpi/commit/d02c537d23cbb729fe18b87f71b3c6e84e9892da
CVE-2024-27930 (GLPI is a Free Asset and IT Management Software package, Data center m ...)
- TODO: check
+ - glpi <removed>
+ NOTE: https://github.com/glpi-project/glpi/commit/1942b70b2422fff51822f6eb3af500c94760871e
CVE-2024-27914 (GLPI is a Free Asset and IT Management Software package, Data center m ...)
- TODO: check
+ - glpi <removed>
+ NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-rcxj-fqr4-q34r
+ NOTE: https://github.com/glpi-project/glpi/commit/69e0dee8de0c0df139b42dbfa1a8997888c2af95
CVE-2024-27774 (Unitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 - CWE ...)
TODO: check
CVE-2024-27773 (Unitronics Unistream Unilogic \u2013 Versions prior to 1.35.227 - CWE ...)
@@ -71,11 +76,17 @@ CVE-2024-27768 (Unitronics Unistream Unilogic \u2013 Versions prior to 1.35.227
CVE-2024-27767 (CWE-287: Improper Authentication may allow Authentication Bypass)
TODO: check
CVE-2024-27104 (GLPI is a Free Asset and IT Management Software package, Data center m ...)
- TODO: check
+ - glpi <removed>
+ NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-prc3-cx5m-h5mj
+ NOTE: https://github.com/glpi-project/glpi/commit/b409ca437864607b03c2014b9e3293b7f141af65
CVE-2024-27098 (GLPI is a Free Asset and IT Management Software package, Data center m ...)
- TODO: check
+ - glpi <removed>
+ NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-92x4-q9w5-837w
+ NOTE: https://github.com/glpi-project/glpi/commit/3b6bc1b4aa1f3693b20ada3425d2de5108522484
CVE-2024-27096 (GLPI is a Free Asset and IT Management Software package, Data center m ...)
- TODO: check
+ - glpi <removed>
+ NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-2x8m-vrcm-2jqv
+ NOTE: https://github.com/glpi-project/glpi/commit/61a0c2302b4f633f5065358adc36058e1abc37f9
CVE-2024-26125 (Adobe Experience Manager versions 6.5.19 and earlier are affected by a ...)
TODO: check
CVE-2024-26124 (Adobe Experience Manager versions 6.5.19 and earlier are affected by a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/951136a87126363d7869a0d9e7fe2c0b39f7a6d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/951136a87126363d7869a0d9e7fe2c0b39f7a6d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240318/19e3e091/attachment.htm>
More information about the debian-security-tracker-commits
mailing list