[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Jun 22 19:07:04 BST 2025



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a94eaf4d by Moritz Muehlenhoff at 2025-06-22T20:06:28+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -243,7 +243,7 @@ CVE-2025-5963 (The Postbox's configuration on macOS, specifically the presence o
 CVE-2025-5255 (The Phoenix Code's configuration on macOS, specifically the presence o ...)
 	NOT-FOR-US: Phoenix Code
 CVE-2025-5121 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2025-52825 (Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real E ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-52822 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
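Review bot: The new `- gitlab <unfixed>` line for CVE-2025-5121 has no NOTE pointing at the upstream advisory or issue, so the reasoning behind replacing `TODO: check` cannot be traced from the list itself. The description reads "affecting all versions fr ...", which suggests a version range is stated upstream; a `NOTE:` line with that reference would let the next person tell when `<unfixed>` can be replaced by a fixed version.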
@@ -498,7 +498,7 @@ CVE-2025-32875 (An issue was discovered in the COROS application through 3.8.12
 CVE-2025-32753 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an  ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-2443 (An issue has been discovered in GitLab EE that allows for cross-site-s ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2025-25038 (An OS command injection vulnerability exists in MiniDVBLinux version 5 ...)
 	NOT-FOR-US: MiniDVBLinux
 CVE-2025-25037 (An information disclosure vulnerability exists in Aquatronica Controll ...)
@@ -506,13 +506,13 @@ CVE-2025-25037 (An information disclosure vulnerability exists in Aquatronica Co
 CVE-2025-25034 (A PHP object injection vulnerability exists in SugarCRM versions prior ...)
 	NOT-FOR-US: SugarCRM
 CVE-2024-7586 (An issue was discovered in GitLab EE affecting all versions starting f ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2024-53298 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a m ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2024-4994 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2024-4025 (A Denial of Service (DoS) condition has been discovered in GitLab CE/E ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2025-38083 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/d35acc1be3480505b5931f17e4ea9b7617fea4d3 (6.16-rc2)
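Review bot: CVE-2024-4994 and CVE-2024-4025 carry 2024 identifiers yet go straight from `TODO: check` to `- gitlab <unfixed>` with no fixed version or reference recorded. It is worth confirming against the packaged gitlab version that neither is already fixed, and adding a `NOTE:` with the upstream reference, the way the neighbouring CVE-2025-38083 entry does with its git.kernel.org link. For CVE-2024-7586 the `(Specific to EE)` rationale matches the visible description ("discovered in GitLab EE"), so that line needs no change.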



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a94eaf4d4da8d49df6a997a24b8792b834744dac
