Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
57385cf1 by Moritz Muehlenhoff at 2023-06-06T09:15:40+02:00
new gitlab issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2023-2589
+ - gitlab <not-affected> (Specific to EE)
+CVE-2023-2485
+ - gitlab <unfixed>
CVE-2023-3111 [btrfs: unset reloc control if transaction commit fails in
prepare_to_relocate()]
- linux 5.19.6-1
NOTE:
https://git.kernel.org/linus/85f02d6c856b9f3a0acf5219de6e32f58b9778eb (6.0-rc2)
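Review bot: CVE-2023-2485 is added as "- gitlab <unfixed>" with no NOTE, whereas the CVE-2023-3111 entry directly below it carries a NOTE pointing at the upstream fix commit. Neither new entry has a description yet, so a NOTE line with the upstream advisory or issue reference under each would let whoever later changes "<unfixed>" to a fixed version verify which GitLab release carries the fix.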
@@ -3969,8 +3973,10 @@ CVE-2023-2200
RESERVED
CVE-2023-2199
RESERVED
+ - gitlab <unfixed>
CVE-2023-2198
RESERVED
+ - gitlab <unfixed>
CVE-2023-30912
RESERVED
CVE-2023-30911
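Review bot: CVE-2023-2199 and CVE-2023-2198 are both still RESERVED, so the added "- gitlab <unfixed>" line is the only information in each entry and nothing ties either ID to a specific GitLab issue. A short NOTE per entry naming the upstream reference would keep the two adjacent entries from being confused when fixed versions are filled in.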
@@ -4414,6 +4420,7 @@ CVE-2023-2133 (Out of bounds memory access in Service
Worker API in Google Chrom
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-2132
RESERVED
+ - gitlab <unfixed>
CVE-2023-2131 (Versions of INEA ME RTU firmware prior to 3.36 are vulnerable
to OS co ...)
NOT-FOR-US: INEA ME RTU firmware
CVE-2023-2130 (A vulnerability classified as critical has been found in
SourceCodeste ...)
@@ -5164,10 +5171,12 @@ CVE-2023-2016
RESERVED
CVE-2023-2015
RESERVED
+ - gitlab <unfixed>
CVE-2023-2014 (Cross-site Scripting (XSS) - Generic in GitHub repository
microweber/m ...)
NOT-FOR-US: microweber
CVE-2023-2013
RESERVED
+ - gitlab <unfixed>
CVE-2023-2012
RESERVED
CVE-2022-48468 (protobuf-c before 1.4.1 has an unsigned integer overflow in
parse_requ ...)
@@ -5369,6 +5378,7 @@ CVE-2023-2002 (A vulnerability was found in the HCI
sockets implementation due t
NOTE: Hardening:
https://lore.kernel.org/linux-bluetooth/[email protected]/
CVE-2023-2001
RESERVED
+ - gitlab <unfixed>
CVE-2023-2000 (Mattermost Desktop App fails to validate a mattermost server
redirecti ...)
NOT-FOR-US: Mattermost Desktop App
CVE-2023-1999
@@ -8680,6 +8690,7 @@ CVE-2023-1826 (A vulnerability, which was classified as
critical, was found in S
NOT-FOR-US: SourceCodester Online Computer and Laptop Store
CVE-2023-1825
RESERVED
+ - gitlab <not-affected> (Specific to EE)
CVE-2022-48435 (In JetBrains PhpStorm before 2023.1 source code could be
logged in the ...)
NOT-FOR-US: JetBrains PhpStorm
CVE-2023-29233
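Review bot: the "<not-affected> (Specific to EE)" line under CVE-2023-1825 gives the reason but no source, and the entry is still RESERVED, so there is no description to check the claim against. A NOTE with the upstream reference that limits the issue to EE would make the triage decision auditable; the same applies to CVE-2023-2589 in the first hunk.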
@@ -18288,6 +18299,7 @@ CVE-2023-0922 (The Samba AD DC administration tool,
when operating against a rem
NOTE: https://www.samba.org/samba/security/CVE-2023-0922.html
CVE-2023-0921
RESERVED
+ - gitlab <unfixed>
CVE-2022-48330
RESERVED
CVE-2023-26101 (In Progress Flowmon Packet Investigator before 12.1.0, a
Flowmon user ...)
@@ -23135,6 +23147,7 @@ CVE-2023-0509 (Improper Certificate Validation in
GitHub repository pyload/pyloa
- pyload <itp> (bug #1001980)
CVE-2023-0508
RESERVED
+ - gitlab <unfixed>
CVE-2020-36657 (uptimed before 0.4.6-r1 on Gentoo allows local users (with
access to t ...)
- uptimed <not-affected> (Gentoo-specific)
CVE-2018-25078 (man-db before 2.8.5 on Gentoo allows local users (with access
to the m ...)
@@ -28291,6 +28304,7 @@ CVE-2023-0122 (A NULL pointer dereference vulnerability
in the Linux kernel NVMe
- linux <not-affected> (Vulnerable code not present in any released
Debian version)
CVE-2023-0121
RESERVED
+ - gitlab <unfixed>
CVE-2023-0120
RESERVED
CVE-2023-0119
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57385cf1e6c048ad85079c90b6ad8feec06b0788
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits