[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff Tue, 15 Dec 2020 10:17:41 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8c939238 by Moritz Muehlenhoff at 2020-12-15T19:17:13+01:00
new gitlab issues
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2020-35462
 CVE-2020-35461
        RESERVED
 CVE-2020-35460 (common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 
allows dir ...)
-       TODO: check
+       NOT-FOR-US: Packwood MPXJ
 CVE-2020-35459
        RESERVED
 CVE-2020-35458
@@ -471,7 +471,7 @@ CVE-2020-35238
 CVE-2020-35237
        RESERVED
 CVE-2020-35236 (The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 
has incor ...)
-       TODO: check
+       NOT-FOR-US: amazee.io Lagoon
 CVE-2020-35235 (** UNSUPPORTED WHEN ASSIGNED ** 
vendor/elfinder/php/connector.minimal. ...)
        NOT-FOR-US: WordPress plugin secure-file-manager
 CVE-2020-35234 (The easy-wp-smtp plugin before 1.4.4 for WordPress allows 
Administrato ...)
@@ -2925,6 +2925,7 @@ CVE-2020-29488
        RESERVED
 CVE-2020-29487
        RESERVED
+       NOT-FOR-US: xapi
 CVE-2020-29486
        RESERVED
        - xen 4.14.0+88-g1d1d1f5391-1
@@ -6462,7 +6463,7 @@ CVE-2020-28398
 CVE-2020-28397
        RESERVED
 CVE-2020-28396 (A vulnerability has been identified in SICAM A8000 CP-8000 
(All versio ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-28395
        RESERVED
 CVE-2020-28394
@@ -13171,17 +13172,17 @@ CVE-2020-26418 (Memory leak in Kafka protocol 
dissector in Wireshark 3.4.0 and 3
        NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16739
        NOTE: https://www.wireshark.org/security/wnpa-sec-2020-16.html
 CVE-2020-26417 (Information disclosure via GraphQL in GitLab CE/EE 13.1 and 
later expo ...)
-       TODO: check
+       - gitlab 13.4.7-1
 CVE-2020-26416 (Information disclosure in Advanced Search component of GitLab 
EE start ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2020-26415 (Information about the starred projects for private user 
profiles was e ...)
-       TODO: check
+       - gitlab 13.4.7-1
 CVE-2020-26414
        RESERVED
 CVE-2020-26413 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
-       TODO: check
+       - gitlab 13.4.7-1
 CVE-2020-26412 (Removed group members were able to use the To-Do functionality 
to retr ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2020-26411 (A potential DOS vulnerability was discovered in all versions 
of Gitlab ...)
        - gitlab 13.4.7-1
        NOTE: 
https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/
@@ -14180,7 +14181,7 @@ CVE-2020-25969
 CVE-2020-25968
        RESERVED
 CVE-2020-25967 (The member center function in fastadmin V1.0.0.20200506_beta 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: fastadmin
 CVE-2020-25966 (** DISPUTED ** Sectona Spectra before 3.4.0 has a vulnerable 
SOAP API  ...)
        NOT-FOR-US: Sectona Spectra
 CVE-2020-25965
@@ -15988,21 +15989,21 @@ CVE-2020-25237
 CVE-2020-25236
        RESERVED
 CVE-2020-25235 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25234 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25233 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25232 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25231 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25230 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25229 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25228 (A vulnerability has been identified in LOGO! 8 BM (incl. 
SIPLUS varian ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-25227
        RESERVED
 CVE-2020-25226



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c9392380a98e18a45084c507f345a7edd56cc5d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c9392380a98e18a45084c507f345a7edd56cc5d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new gitlab issues

Reply via email to