Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6eb5146f by Moritz Muehlenhoff at 2022-07-06T14:34:30+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -993,7 +993,7 @@ CVE-2022-2272
 CVE-2022-2271
        RESERVED
 CVE-2022-2270 (An issue has been discovered in GitLab affecting all versions 
starting ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-2269
        RESERVED
 CVE-2022-2268 (The Import any XML or CSV File to WordPress plugin before 3.6.8 
accept ...)
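Review bot: the new "- gitlab <unfixed>" line under CVE-2022-2270 carries no NOTE, and the description visible here says only "GitLab", without the CE/EE or EE qualifier that the other GitLab entries in this commit have. Since EE-only issues are marked "<not-affected> (Specific to EE)" elsewhere in the same commit, a NOTE line pointing at the upstream advisory would record why this one is treated as affecting the non-EE code.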
@@ -1183,7 +1183,7 @@ CVE-2022-2252 (Open Redirect in GitHub repository 
microweber/microweber prior to
 CVE-2022-2251
        RESERVED
 CVE-2022-2250 (An open redirect vulnerability in GitLab EE/CE affecting all 
versions  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2021-46826
        RESERVED
 CVE-2021-46825
@@ -1259,9 +1259,9 @@ CVE-2022-34735
 CVE-2022-2245
        RESERVED
 CVE-2022-2244 (An improper authorization vulnerability in GitLab EE/CE 
affecting all  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-2243 (An access control vulnerability in GitLab EE/CE affecting all 
versions ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-2242
        RESERVED
 CVE-2022-2241
@@ -1278,7 +1278,7 @@ CVE-2022-2237
 CVE-2022-2236
        RESERVED
 CVE-2022-2235 (Insufficient sanitization in GitLab EE's external issue tracker 
affect ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2017-20138
        RESERVED
 CVE-2017-20137
@@ -1321,13 +1321,13 @@ CVE-2022-2231 (NULL Pointer Dereference in GitHub 
repository vim/vim prior to 8.
        NOTE: 
https://github.com/vim/vim/commit/79481367a457951aabd9501b510fd7e3eb29c3d8 
(v8.2.5169)
        NOTE: Crash in CLI tool, no security impact
 CVE-2022-2230 (A Stored Cross-Site Scripting vulnerability in the project 
settings pa ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-2229 (An improper authorization issue in GitLab CE/EE affecting all 
versions ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-2228 (Information exposure in GitLab EE affecting all versions from 
12.0 pri ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2022-2227 (Improper access control in the runner jobs API in GitLab CE/EE 
affecti ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-2226
        RESERVED
        {DSA-5175-1}
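Review bot: the three "- gitlab <unfixed>" lines added for CVE-2022-2230, CVE-2022-2229 and CVE-2022-2227 give no upstream fixed version or fix reference, unlike the vim entry at the top of this hunk, which records the fixing commit and "(v8.2.5169)" in a NOTE. Adding a NOTE per entry naming the upstream release that fixes it would let a later update replace "<unfixed>" with a version without re-reading the advisory. The "<not-affected> (Specific to EE)" line for CVE-2022-2228 matches its "GitLab EE" description.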
@@ -2405,7 +2405,7 @@ CVE-2022-34328 (PMB 7.3.10 allows reflected XSS via the 
id parameter in an lvl=a
 CVE-2022-32284 (Use of insufficiently random values vulnerability exists in 
Vnet/IP co ...)
        NOT-FOR-US: YOKOGAWA
 CVE-2022-2185 (A critical issue has been discovered in GitLab affecting all 
versions  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-2184
        RESERVED
 CVE-2022-2183 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 
...)
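Review bot: CVE-2022-2185 is described as "A critical issue" yet is recorded as a bare "- gitlab <unfixed>" with no bug reference. Other package lines in this file carry one, in the form "(bug #823556)" seen on the mattermost-server line; suggest filing a bug against gitlab and adding its reference here so the open critical issue is tracked on the package side.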
@@ -7625,11 +7625,11 @@ CVE-2022-1985 (The Download Manager Plugin for 
WordPress is vulnerable to reflec
 CVE-2022-1984
        RESERVED
 CVE-2022-1983 (Incorrect authorization in GitLab EE affecting all versions 
from 10.7  ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2022-1982 (Uncontrolled resource consumption in Mattermost version 6.6.0 
and earl ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2022-1981 (An issue has been discovered in GitLab EE affecting all 
versions start ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2022-1980 (A vulnerability was found in SourceCodester Product Show Room 
Site 1.0 ...)
        NOT-FOR-US: SourceCodester Product Show Room Site
 CVE-2022-1979 (A vulnerability was found in SourceCodester Product Show Room 
Site 1.0 ...)
@@ -7877,7 +7877,7 @@ CVE-2022-32160
 CVE-2022-32159 (In openlibrary versions deploy-2016-07-0 through 
deploy-2021-12-22 are ...)
        NOT-FOR-US: openlibrary
 CVE-2022-1963 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2021-4233
        RESERVED
 CVE-2022-32158 (Splunk Enterprise deployment servers in versions before 9.0 
let client ...)
@@ -7947,7 +7947,7 @@ CVE-2022-1956
 CVE-2022-1955 (Session 1.13.0 allows an attacker with physical access to the 
victim's ...)
        TODO: check
 CVE-2022-1954 (A Regular Expression Denial of Service vulnerability in GitLab 
CE/EE a ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-1953 (The Product Configurator for WooCommerce WordPress plugin 
before 1.2.3 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-1952



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6eb5146fe23a1fe151747118d443d3bdcd5a4a7a
