Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fc2a7a75 by Moritz Muehlenhoff at 2024-06-27T12:18:18+02:00
new gitlab issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
CVE-2024-6355 (A vulnerability was found in Genexis Tilgin Fiber Home Gateway
HG1522 ...)
NOT-FOR-US: Genexis Tilgin Fiber Home Gateway
CVE-2024-6323 (Improper authorization in global search in GitLab EE affecting
all ver ...)
- TODO: check
+ - gitlab <not-affected> (Specific to EE)
CVE-2024-6283 (The DethemeKit For Elementor plugin for WordPress is vulnerable
to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6054 (The Auto Featured Image plugin for WordPress is vulnerable to
arbitrar ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5655 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-5601 (The Create by Mediavine plugin for WordPress is vulnerable to
Stored C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5430 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-5289 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder
Feature ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4901 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-4704 (The Contact Form 7 WordPress plugin before 5.9.5 has an open
redirect ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4664 (The WP Chat App WordPress plugin before 3.6.5 does not sanitise
and es ...)
@@ -25,13 +25,13 @@ CVE-2024-4570 (The Elementor Addon Elements plugin for
WordPress is vulnerable t
CVE-2024-4569 (The Elementor Addon Elements plugin for WordPress is vulnerable
to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4557 (Multiple Denial of Service (DoS) conditions has been discovered
in Git ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-4011 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-3959 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-3115 (An issue was discovered in GitLab EE affecting all versions
starting f ...)
- TODO: check
+ - gitlab <not-affected> (Specific to EE)
CVE-2024-3111 (The Interactive Content WordPress plugin before 1.15.8 does
not valid ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37734 (An issue in OpenEMR 7.0.2 allows a remote attacker to escalate
privile ...)
@@ -45,7 +45,7 @@ CVE-2024-37247 (Improper Neutralization of Input During Web
Page Generation (XSS
CVE-2024-36829 (Incorrect access control in Teldat M1 v11.00.05.50.01 allows
attackers ...)
NOT-FOR-US: Teldat M1
CVE-2024-2191 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-28984 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 10 ...)
NOT-FOR-US: Hitachi
CVE-2024-28983 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 10 ...)
@@ -65,9 +65,9 @@ CVE-2024-22231 (Syndic cache directory creation is vulnerable
to a directory tra
CVE-2024-1839 (Intrado 911 Emergency Gateway login form is vulnerable to an
unauthent ...)
NOT-FOR-US: Intrado 911 Emergency Gateway
CVE-2024-1816 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-1493 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-1330 (The kadence-blocks-pro WordPress plugin before 2.3.8 does not
prevent ...)
NOT-FOR-US: WordPress plugin
CVE-2024-XXXX [RUSTSEC-2024-0345]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc2a7a752126287ff59584e2e20eb39247652b40
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc2a7a752126287ff59584e2e20eb39247652b40
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
