Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5e52b1cd by Salvatore Bonaccorso at 2024-11-26T22:00:59+01:00
Process new gitlab CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,13 +11,13 @@ CVE-2024-8899 (The Jeg Elementor Kit plugin for WordPress
is vulnerable to Sensi
CVE-2024-8676 (A vulnerability was found in CRI-O, where it can be requested
to take ...)
- cri-o <itp> (bug #979702)
CVE-2024-8237 (A Denial of Service (DoS) issue has been discovered in GitLab
CE/EE af ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-8236 (The Elementor Website Builder \u2013 More than Just a Page
Builder plu ...)
NOT-FOR-US: WordPress plugin
CVE-2024-8177 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-8114 (An issue has been discovered in GitLab CE/EE affecting all
versions fr ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-53976 (Under certain circumstances, navigating to a webpage would
result in t ...)
- firefox <not-affected> (Specific to Firefox on iOS)
CVE-2024-53975 (Accessing a non-secure HTTP site that uses a non-existent port
may cau ...)
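Review bot: The three `- gitlab <unfixed>` lines added for CVE-2024-8237, CVE-2024-8177 and CVE-2024-8114 carry no bug number or NOTE, unlike the `- cri-o <itp> (bug #979702)` entry just above them. The descriptions are truncated at the affected range ("affecting all versions startin ..."), so a NOTE on each entry pointing at the upstream advisory or fixing release would let the next triager move these from <unfixed> to a fixed version without repeating the lookup.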
@@ -111,7 +111,7 @@ CVE-2024-32965 (Lobe Chat is an open-source, AI chat
framework. Versions of lobe
CVE-2024-22117 (When a URL is added to the map element, it is recorded in the
database ...)
TODO: check
CVE-2024-11828 (A denial of service (DoS) condition was discovered in GitLab
CE/EE aff ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2024-11743 (A vulnerability, which was classified as problematic, was
found in Sou ...)
TODO: check
CVE-2024-11742 (A vulnerability, which was classified as problematic, has been
found i ...)
@@ -119,9 +119,9 @@ CVE-2024-11742 (A vulnerability, which was classified as
problematic, has been f
CVE-2024-11680 (ProjectSend versions prior to r1720 are affected by an
improper authen ...)
TODO: check
CVE-2024-11669 (An issue was discovered in GitLab CE/EE affecting all versions
from 16 ...)
- TODO: check
+ - gitlab <not-affected> (Vulnerable code introduced later)
CVE-2024-11668 (An issue has been discovered in GitLab CE/EE affecting all
versions fr ...)
- TODO: check
+ - gitlab <not-affected> (Vulnerable code introduced later)
CVE-2024-11407 (There exists a denial of service through Data corruption in
gRPC-C++ - ...)
TODO: check
CVE-2024-11192 (The Spotify Play Button for WordPress plugin for WordPress is
vulnerab ...)
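Review bot: Both `- gitlab <not-affected> (Vulnerable code introduced later)` lines, for CVE-2024-11669 and CVE-2024-11668, state the conclusion without the evidence behind it. Suggest a NOTE under each naming the upstream version or commit that introduced the vulnerable code, since nothing in the entry says at which packaged version the <not-affected> status stops being true and needs to be revisited.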
@@ -145,7 +145,7 @@ CVE-2024-10579 (The Hustle \u2013 Email Marketing, Lead
Generation, Optins, Popu
CVE-2024-10308 (The Jeg Elementor Kit plugin for WordPress is vulnerable to
Stored Cro ...)
TODO: check
CVE-2024-10240 (An issue has been discovered in GitLab EE affecting all
versions start ...)
- TODO: check
+ - gitlab <not-affected> (Vulnerable code introduced later)
CVE-2024-XXXX [Supplemental group inheritance grants unintended access to GID
0 due to lack of supplemental groups from mod_sql]
- proftpd-dfsg 1.3.8.b+dfsg-4 (bug #1082326)
NOTE: https://github.com/proftpd/proftpd/issues/1830
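Review bot: On CVE-2024-10240 the description names "GitLab EE" only, while the other GitLab entries touched in this commit say "CE/EE", yet the added line reuses the same reason, `(Vulnerable code introduced later)`. If the entry is not affected because the issue is specific to EE, the parenthetical should say that instead; if the reason really is the version range, a NOTE with the introducing version would make it checkable.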
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e52b1cde53e89224e572c8ea5e6ba47b32bc288