[Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 28 12:43:51 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a76af9b9 by Moritz Muehlenhoff at 2025-08-28T13:43:14+02:00
new gitlab issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32,7 +32,7 @@ CVE-2025-5187 (A vulnerability exists in the NodeRestriction admission controlle
NOTE: https://github.com/kubernetes/kubernetes/issues/133471
NOTE: https://groups.google.com/g/kubernetes-security-announce/c/znSNY7XCztE
CVE-2025-5101 (An issue has been discovered in GitLab CE/EE affecting all versions be ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2025-58218 (Deserialization of Untrusted Data vulnerability in enituretechnology S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58217 (Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant ...)
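Review bot: the new `- gitlab <unfixed>` line under CVE-2025-5101 has no NOTE with an upstream reference, while the CVE-2025-5187 entry at the top of this hunk carries two NOTE links. A NOTE pointing at the upstream GitLab issue or release announcement would let the next person verify the package assignment without searching for the advisory again.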
@@ -115,7 +115,7 @@ CVE-2025-50972 (SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthen
CVE-2025-50428 (In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnera ...)
NOT-FOR-US: RaspAP
CVE-2025-4225 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2025-43882 (Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified ...)
NOT-FOR-US: Dell / EMC
CVE-2025-43730 (Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper N ...)
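Review bot: the CVE-2025-4225 entry records no affected or fixed version next to `- gitlab <unfixed>`, and the description is cut off at "affecting all versions fr ...", so the range cannot be read from the list itself. Adding a NOTE with the upstream fixed version would let `<unfixed>` be replaced later from the entry alone.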
@@ -125,7 +125,7 @@ CVE-2025-43729 (Dell ThinOS 10, versions prior to 2508_10.0127, contains an Inco
CVE-2025-43728 (Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection M ...)
NOT-FOR-US: Dell / EMC
CVE-2025-3601 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2025-34161 (Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote ...)
TODO: check
CVE-2025-34159 (Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote ...)
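Review bot: the `- gitlab <unfixed>` line under CVE-2025-3601 has no bug reference, so nothing ties this tracker entry to a report against the package. If a Debian bug exists for this issue, append it in the tracker's `(bug #...)` form on the same line. If none exists yet, that is worth stating in the commit message.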
@@ -167,7 +167,7 @@ CVE-2025-30036 (Stored XSS vulnerability exists in the "Oddzia\u0142" (Ward) mod
CVE-2025-2313 (In the Print.pl service, the "uhcPrintServerPrint" function allows exe ...)
TODO: check
CVE-2025-2246 (An issue has been discovered in GitLab CE/EE affecting all versions be ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2025-20348 (A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and ...)
NOT-FOR-US: Cisco
CVE-2025-20347 (A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and ...)
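Review bot: the commit message "new gitlab issues" does not name the entries it touches. CVE-2025-2246 here is the fourth identical `TODO: check` to `- gitlab <unfixed>` replacement, after CVE-2025-5101, CVE-2025-4225 and CVE-2025-3601. Listing the four CVE ids in the message body would make the triage decision findable from the log without opening the diff.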
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a76af9b996263d3b722a8ffa3707471db0480ab1