[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Feb 6 11:22:07 GMT 2025



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0b81007 by Moritz Muehlenhoff at 2025-02-06T12:21:44+01:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -191,11 +191,11 @@ CVE-2025-20029 (Command injection vulnerability exists in iControl REST and BIG-
 CVE-2025-0858 (A vulnerability was discovered in the firmware builds up to 8.2.1.0820 ...)
 	NOT-FOR-US: HP
 CVE-2024-9631 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
-	TODO: check
+	- gitlab 17.3.5-2
 CVE-2024-9097 (ManageEngine Endpoint Central versions before11.3.2440.09 are vulnerab ...)
 	TODO: check
 CVE-2024-6356 (An issue was discovered in GitLab EE affecting all versions starting f ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-56135 (Improper Input Validation vulnerability of Authenticated User in Progr ...)
 	NOT-FOR-US: Progress LoadMaster
 CVE-2024-56134 (Improper Input Validation vulnerability of Authenticated User in Progr ...)
@@ -217,13 +217,13 @@ CVE-2024-49348 (IBM Cloud Pak for Business Automation18.0.0, 18.0.1, 18.0.2, 19.
 CVE-2024-42207 (HCL iAutomate is affected by a session fixation vulnerability. An atta ...)
 	NOT-FOR-US: HCL
 CVE-2024-3976 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab 17.3.5-2
 CVE-2024-39564 (This is a similar, but different vulnerability than the issue reported ...)
 	TODO: check
 CVE-2024-2878 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
-	TODO: check
+	- gitlab 17.3.5-2
 CVE-2024-1539 (An issue has been discovered in GitLab EE affecting all versions start ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2023-52925 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.4.13-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0b810079de613fd9cee8d2cc8bc9addbe72ae48

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0b810079de613fd9cee8d2cc8bc9addbe72ae48
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250206/98ab2318/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list