Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9427363a by Salvatore Bonaccorso at 2026-03-26T11:18:09+01:00
Add new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -492,13 +492,13 @@ CVE-2026-31913 (Improper Limitation of a Pathname to a 
Restricted Directory ('Pa
 CVE-2026-30587 (Multiple Stored XSS vulnerabilities exist in Seafile Server 
version 13 ...)
        TODO: check
 CVE-2026-2995 (GitLab has remediated an issue in GitLab EE affecting all 
versions fro ...)
-       TODO: check
+       - gitlab <not-affected> (Only affects Gitlab EE)
 CVE-2026-2973 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
-       TODO: check
+       - gitlab <not-affected> (Vulnerable code not present)
 CVE-2026-2745 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2026-2726 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2026-2414 (Authorization bypass through User-Controlled key vulnerability 
in HYPR ...)
        NOT-FOR-US: HYPR
 CVE-2026-2349 (Improper Neutralization of Input During Web Page Generation 
("Cross-si ...)
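Review bot: The `<unfixed>` entries added for CVE-2026-2745 and CVE-2026-2726 carry no NOTE line, so the record does not say which upstream advisory or release closes them. Consider adding a `NOTE:` with the upstream advisory or fixing commit under each, so the next triager can tell when the package becomes fixed. The same applies to CVE-2026-2973: its description says GitLab CE/EE, but it is marked `<not-affected> (Vulnerable code not present)`, and a NOTE naming the version that introduced the vulnerable code would make that decision checkable.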
@@ -927,7 +927,7 @@ CVE-2026-20004 (A vulnerability in the TLS library of Cisco 
IOS XE Software coul
 CVE-2026-1917 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
        NOT-FOR-US: Drupal core and addons
 CVE-2026-1724 (GitLab has remediated an issue in GitLab EE affecting all 
versions fro ...)
-       TODO: check
+       - gitlab <not-affected> (Vulnerable code not present)
 CVE-2026-1712 (Incorrect privilege assignment vulnerability in HYPR Server 
allows Pri ...)
        NOT-FOR-US: HYPR
 CVE-2026-1001 (Domoticz versions prior to 2026.1 contain a stored cross-site 
scriptin ...)
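Review bot: The reason given for CVE-2026-1724 looks inconsistent with its description: the description says the issue is in GitLab EE, yet the entry reads "(Vulnerable code not present)", while the other EE-described entries in this commit (CVE-2026-2995, CVE-2025-14595) use "(Only affects Gitlab EE)". If the EE-only scope is the actual reason, use the same wording here; if the code is absent for a different reason, a short NOTE saying so would remove the ambiguity.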
@@ -961,11 +961,11 @@ CVE-2025-27260 (Ericsson Indoor Connect 8855 versions 
prior to 2025.Q3 contains
 CVE-2025-14790 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 
could allo ...)
        NOT-FOR-US: IBM
 CVE-2025-14595 (GitLab has remediated an issue in GitLab EE affecting all 
versions fro ...)
-       TODO: check
+       - gitlab <not-affected> (Only affects Gitlab EE)
 CVE-2025-13436 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2025-13078 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2025-12708 (IBM Concert 1.0.0 through 2.2.0 contains hard-coded 
credentials that c ...)
        NOT-FOR-US: IBM
 CVE-2024-58341 (OpenCart Core 4.0.2.3 contains a SQL injection vulnerability 
that allo ...)
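Review bot: Style point on the CVE-2025-14595 line: the reason text spells the product "Gitlab", while the CVE descriptions in the same file spell it "GitLab". "(Only affects GitLab EE)" would match; the lowercase `gitlab` package name before the tag is fine as it is.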



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9427363af36179bf6b902bb6f79d1c4782a69fd5
