[Git][security-tracker-team/security-tracker][master] Add new glpi issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7aa02631 by Salvatore Bonaccorso at 2024-11-15T21:59:31+01:00
Add new glpi issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -120,7 +120,8 @@ CVE-2024-49536 (Audition versions 23.6.9, 24.4.6 and earlier are affected by an
 CVE-2024-48068 (A cross-site scripting (XSS) vulnerability in Shenzhen Landray Softwar ...)
 	NOT-FOR-US: Shenzhen Landray
 CVE-2024-47759 (GLPI is a free Asset and IT management software package. An technician ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-474f-9vpp-xxq5
 CVE-2024-46467 (By default, dedicated folders of ZONEPOINT for Windows up to 2024.1 ca ...)
 	NOT-FOR-US: ZONEPOINT for Windows
 CVE-2024-46466 (By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3  ...)
@@ -142,17 +143,21 @@ CVE-2024-45969 (NULL pointer dereference in the MMS Client in MZ Automation LibI
 CVE-2024-45784 (Apache Airflow versions before 2.10.3 contain a vulnerability that cou ...)
 	TODO: check
 CVE-2024-45609 (GLPI is a Free Asset and IT Management Software package, Data center m ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-3j2f-3j4v-hppr
 CVE-2024-45608 (GLPI is a free asset and IT management software package. An authentica ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-67p8-v79j-jp86
 CVE-2024-44759 (An arbitrary file download vulnerability in the component /Doc/Downloa ...)
 	NOT-FOR-US: NUS-M9 ERP Management Software
 CVE-2024-44625 (Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePos ...)
 	NOT-FOR-US: Go Git Service
 CVE-2024-43418 (GLPI is a free asset and IT management software package. An unauthenti ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-x8jv-fcwx-3x6m
 CVE-2024-43417 (GLPI is a free asset and IT management software package. An unauthenti ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-p633-wfj5-8x44
 CVE-2024-43189 (IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker ...)
 	NOT-FOR-US: IBM
 CVE-2024-41785 (IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site s ...)
@@ -160,11 +165,14 @@ CVE-2024-41785 (IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-
 CVE-2024-41784 (IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1. ...)
 	NOT-FOR-US: IBM
 CVE-2024-41679 (GLPI is a free asset and IT management software package. An authentica ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-hq9q-jfhp-qqgm
 CVE-2024-41678 (GLPI is a free asset and IT management software package. An unauthenti ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-xwmx-mmrf-hqf9
 CVE-2024-40638 (GLPI is a free asset and IT management software package. An authentica ...)
-	TODO: check
+	- glpi <removed>
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-8843-r3m7-gfqx
 CVE-2024-3334 (A security bypass vulnerability exists in the Removable Media Encrypti ...)
 	TODO: check
 CVE-2024-39726 (IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 an ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aa0263117279230f05df8c053b1a12f92a368a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aa0263117279230f05df8c053b1a12f92a368a7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241115/844ea022/attachment.htm>