[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Sep 27 11:11:46 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8cfc9f92 by Moritz Muehlenhoff at 2024-09-27T12:11:21+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8,7 +8,7 @@ CVE-2024-9029 (A flaw was found in freeimage library. Processing a crafted image
 CVE-2024-8991 (The OSM \u2013 OpenStreetMap plugin for WordPress is vulnerable to Sto ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8974 (Information disclosure in Gitlab EE/CE affecting all versions from 15. ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-8965 (The Absolute Reviews plugin for WordPress is vulnerable to Stored Cros ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8922 (The Product Enquiry for WooCommerce, WooCommerce product catalog plugi ...)
@@ -26,7 +26,7 @@ CVE-2024-7011 (Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P
 CVE-2024-6769 (A DLL Hijacking caused by drive remapping combined with a poisoning of ...)
 	NOT-FOR-US: Microsoft
 CVE-2024-4099 (An issue has been discovered in GitLab EE affecting all versions start ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-46628 (Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remo ...)
 	NOT-FOR-US: Tenda
 CVE-2024-45986 (A stored Cross-Site Scripting (XSS) vulnerability was identified in Pr ...)
@@ -250,7 +250,7 @@ CVE-2024-7772 (The Jupiter X Core plugin for WordPress is vulnerable to arbitrar
 CVE-2024-6517 (The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does no ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4278 (An information disclosure issue has been discovered in GitLab EE affec ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-47330 (Missing Authorization vulnerability in Supsystic Slider by Supsystic,  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-47083 (Power Platform Terraform Provider allows managing environments and oth ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cfc9f92e2a5eb6cc42926e845d21ed6c76189fa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cfc9f92e2a5eb6cc42926e845d21ed6c76189fa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240927/85778ada/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list