Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8818ae2b by Moritz Mühlenhoff at 2025-02-13T16:33:16+01:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2024-3303
+       - gitlab <not-affected> (Specific to EE)
 CVE-2025-0998
        - chromium 133.0.6943.98-1
        [bullseye] - chromium <end-of-life> (see #1061268)
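Review bot: the new CVE-2024-3303 entry at the top of this hunk carries no description text, so the only rationale a reader sees is the parenthetical "(Specific to EE)". A NOTE line under it pointing at the upstream GitLab issue or advisory would let someone verify that classification from the file itself.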
@@ -23,7 +25,7 @@ CVE-2025-1227 (A vulnerability was found in ywoa up to 
2024.07.03. It has been r
 CVE-2025-1226 (A vulnerability was found in ywoa up to 2024.07.03. It has been 
declar ...)
        NOT-FOR-US: ywoa
 CVE-2025-1198 (An issue discovered in GitLab CE/EE affecting all versions from 
16.11  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2025-1070 (CWE-434: Unrestricted Upload of File with Dangerous Type 
vulnerability ...)
        NOT-FOR-US: Schneider Electric
 CVE-2025-1060 (CWE-319: Cleartext Transmission of Sensitive Information 
vulnerability ...)
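Review bot: the CVE-2025-1198 description limits the issue to versions "from 16.11", but the replacement line is a bare "- gitlab <unfixed>" with nothing recorded about how the packaged version relates to that lower bound. If the package predates it, "<not-affected>" with the reason in parentheses (the form used for the EE-only entries in this commit) would be more accurate; otherwise a short note of the version that was checked would help.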
@@ -366,7 +368,7 @@ CVE-2025-1214 (A vulnerability classified as critical has 
been found in pihome-s
 CVE-2025-1213 (A vulnerability was found in pihome-shc PiHome 1.77. It has 
been rated ...)
        NOT-FOR-US: pihome-shc PiHome
 CVE-2025-1212 (An information disclosure vulnerability in GitLab CE/EE 
affecting all  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2025-1210 (A vulnerability classified as critical was found in 
code-projects Wazi ...)
        NOT-FOR-US: code-projects Wazifa System
 CVE-2025-1209 (A vulnerability classified as problematic has been found in 
code-proje ...)
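Review bot: CVE-2025-1212 goes from "TODO: check" to "- gitlab <unfixed>" with no reference attached. If a Debian bug exists for it, adding the number in parentheses, in the way the chromium entry earlier in this file carries "(see #1061268)", would link the entry to the place where the fix is tracked.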
@@ -412,7 +414,7 @@ CVE-2025-1101 (A CWE-204 "Observable Response Discrepancy" 
in the login page in
 CVE-2025-1100 (A CWE-259 "Use of Hard-coded Password" for the root account in 
Q-Free  ...)
        NOT-FOR-US: Q-Free MaxTime
 CVE-2025-1042 (An insecure direct object reference vulnerability in GitLab EE 
affecti ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2025-0937 (Nomad Community and Nomad Enterprise ("Nomad") event stream 
configured ...)
        TODO: check
 CVE-2025-0925
@@ -422,17 +424,17 @@ CVE-2025-0919
 CVE-2025-0556 (In Progress\xae Telerik\xae Report Server, versions prior to 
2025 Q1 ( ...)
        NOT-FOR-US: Progress Telerik Report Server
 CVE-2025-0516 (Improper Authorization in GitLab CE/EE affecting all versions 
from 17. ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2025-0511 (The Welcart e-Commerce plugin for WordPress is vulnerable to 
Stored Cr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-0506 (The Rise Blocks \u2013 A Complete Gutenberg Page Builder plugin 
for Wo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-0376 (An XSS vulnerability exists in GitLab CE/EE affecting all 
versions fro ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2025-0332 (In Progress\xae Telerik\xae UI for WinForms, versions prior to 
2025 Q1 ...)
        NOT-FOR-US: Progress Telerik
 CVE-2024-9870 (An external service interaction vulnerability in GitLab EE 
affecting a ...)
-       TODO: check
+       - gitlab <not-affected> (Specific to EE)
 CVE-2024-6097 (In Progress\xae Telerik\xae Reporting versions prior to 2025 Q1 
(19.0. ...)
        NOT-FOR-US: Progress Telerik
 CVE-2024-54160 (dashboards-reporting (aka Dashboards Reports) before 2.19.0.0, 
as ship ...)
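Review bot: CVE-2025-0516 is marked "- gitlab <unfixed>" although its description restricts the issue to versions "from 17." and the lower bound is cut off in this file. Recording the full affected range in a note under the entry would show whether the packaged version is in scope; CVE-2025-0376 in the same hunk ("all versions fro ...") deserves the same check.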
@@ -474,7 +476,7 @@ CVE-2024-12629 (In Progress\xae Telerik\xae KendoReact 
versions v3.5.0 through v
 CVE-2024-12386 (The WP Abstracts plugin for WordPress is vulnerable to 
Cross-Site Requ ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-12379 (A denial of service vulnerability in GitLab CE/EE affecting 
all versio ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2024-12315 (The Export All Posts, Products, Orders, Refunds & Users plugin 
for Wor ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-12296 (The Apus Framework plugin for WordPress is vulnerable to 
unauthorized  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8818ae2befd8a4e6bbdacbb2beba036421d0e2da



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits