[Git][security-tracker-team/security-tracker][master] Track more gitlab CVEs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 14 06:37:08 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aab03f4c by Salvatore Bonaccorso at 2025-08-14T07:36:44+02:00
Track more gitlab CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -191,11 +191,11 @@ CVE-2025-34153 (Hyland OnBase versions prior to 17.0.2.87 (other versions may be
 CVE-2025-32451 (A memory corruption vulnerability exists in Foxit Reader 2025.1.0.2793 ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2025-2937 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2025-2614 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2025-2498 (An improper access control in Gitlab EE affecting all versions from 12 ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2025-2184 (A credential management flaw in Palo Alto Networks Cortex XDR\xae Brok ...)
 	NOT-FOR-US: Palo Alto Networks
 CVE-2025-2183 (An insufficient certificate validation issue in the Palo Alto Networks ...)
@@ -223,13 +223,13 @@ CVE-2025-23295 (NVIDIA Apex for all platforms contains a vulnerability in a Pyth
 CVE-2025-23294 (NVIDIA WebDataset for all platforms contains a vulnerability where an  ...)
 	TODO: check
 CVE-2025-1477 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-5477 (A potential security vulnerability has been identified in the System B ...)
 	NOT-FOR-US: HP
 CVE-2024-12303 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
-	TODO: check
+	- gitlab <not-affected> (Vulnerable code not present)
 CVE-2024-10219 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2025-53859 (NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_ ...)
 	- nginx <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2025/08/13/5



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aab03f4cda9df23b8a85b8a2ba0a3d71ab681fef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aab03f4cda9df23b8a85b8a2ba0a3d71ab681fef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250814/4f6268f2/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list