Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1d6e6b2f by Moritz Muehlenhoff at 2025-04-03T09:32:47+02:00
older gitlab issues fixed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -54700,7 +54700,7 @@ CVE-2024-6657 (A denial of service may be caused to a
single peripheral device i
CVE-2024-5474 (A potential information disclosure vulnerability was reported
in Lenov ...)
NOT-FOR-US: Lenovo
CVE-2024-5005 (An issue has been discovered discovered in GitLab EE/CE
affecting all ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-4132 (A DLL hijack vulnerability was reported in Lenovo Lock Screen
that cou ...)
NOT-FOR-US: Lenovo
CVE-2024-4131 (A DLL hijack vulnerability was reported in Lenovo Emulator that
could ...)
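Review bot: The CVE-2024-5005 entry carries no NOTE line, so the new fixed version "- gitlab 17.3.5-2" cannot be checked against anything in the entry itself. Other GitLab entries touched by this commit (CVE-2024-5423, CVE-2024-3958) reference the upstream issue; adding a NOTE with the upstream issue or release announcement here would let a later reader confirm that 17.3.5-2 really contains the fix.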
@@ -61056,7 +61056,7 @@ CVE-2024-6017 (The Music Request Manager WordPress
plugin through 1.3 does not h
CVE-2024-5799 (The CM Pop-Up Banners for WordPress plugin before 1.7.3 does
not sanit ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5435 (An issue has been discovered discovered in GitLab EE/CE
affecting all ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-4660 (An issue has been discovered in GitLab EE affecting all
versions start ...)
- gitlab <not-affected> (Specific to EE)
CVE-2024-4612 (An issue has been discovered in GitLab EE affecting all
versions start ...)
@@ -69114,7 +69114,7 @@ CVE-2024-6329 (An issue was discovered in GitLab CE/EE
affecting all versions st
NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/468937
NOTE: https://hackerone.com/reports/2542483
CVE-2024-5423 (Multiple Denial of Service (DoS) conditions has been discovered
in Git ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/463807
NOTE: https://hackerone.com/reports/2518563
CVE-2024-4784 (An issue was discovered in GitLab EE starting from version 16.7
before ...)
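Review bot: For CVE-2024-5423 the two NOTE lines identify the upstream issue and the HackerOne report, but neither states which upstream release carries the fix, so the step from "<unfixed>" to "17.3.5-2" rests on the commit message alone. A further NOTE naming the upstream fixed release would make the version verifiable from the entry.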
@@ -69201,7 +69201,7 @@ CVE-2024-40476 (A Cross-Site Request Forgery (CSRF)
vulnerability was found in S
CVE-2024-40475 (SourceCodester Best House Rental Management System v1.0 is
vulnerable ...)
NOT-FOR-US: SourceCodester Best House Rental Management System
CVE-2024-3958 (An issue has been discovered in GitLab CE/EE affecting all
versions be ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/456988
NOTE: https://hackerone.com/reports/2437784
CVE-2024-3659 (Firmware in KAONAR2140 routers prior to version 4.2.16 is
vulnerable t ...)
@@ -79513,11 +79513,11 @@ CVE-2024-5655 (An issue was discovered in GitLab
CE/EE affecting all versions st
CVE-2024-5601 (The Create by Mediavine plugin for WordPress is vulnerable to
Stored C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5430 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-5289 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder
Feature ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4901 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-4704 (The Contact Form 7 WordPress plugin before 5.9.5 has an open
redirect ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4664 (The WP Chat App WordPress plugin before 3.6.5 does not sanitise
and es ...)
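Review bot: This hunk closes two separate entries, CVE-2024-5430 and CVE-2024-4901, with the same version and no per-CVE justification, and the commit message "older gitlab issues fixed" does not list the CVE IDs or the source of the version. Listing the affected IDs and the basis for 17.3.5-2 in the commit message would make it possible to audit or revert a single entry if one of them turns out to be still open.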
@@ -79529,9 +79529,9 @@ CVE-2024-4569 (The Elementor Addon Elements plugin for
WordPress is vulnerable t
CVE-2024-4557 (Multiple Denial of Service (DoS) conditions has been discovered
in Git ...)
- gitlab 17.3.5-2
CVE-2024-4011 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-3959 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-3115 (An issue was discovered in GitLab EE affecting all versions
starting f ...)
- gitlab <not-affected> (Specific to EE)
CVE-2024-3111 (The Interactive Content WordPress plugin before 1.15.8 does
not valid ...)
@@ -83384,7 +83384,7 @@ CVE-2024-4615 (The Elespare \u2013 Blog, Magazine and
Newspaper Addons for Eleme
CVE-2024-4576 (The component listed above contains a vulnerability that allows
an att ...)
NOT-FOR-US: TIBCO
CVE-2024-4201 (A cross-site scripting issue has been discovered in GitLab
affecting a ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-4149 (The Floating Chat Widget: Contact Chat Icons, WhatsApp,
Telegram Chat, ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4145 (The Search & Replace WordPress plugin before 3.2.2 does not
sanitize a ...)
@@ -88866,7 +88866,7 @@ CVE-2024-5274 (Type Confusion in V8 in Google Chrome
prior to 125.0.6422.112 all
CVE-2024-5264 (Network Transfer with AES KHT in Thales Luna EFT 2.1 and above
allows ...)
NOT-FOR-US: Thales Luna EFT
CVE-2024-5258 (An authorization vulnerability exists within GitLab from
versions 16.1 ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-5202 (Arbitrary File Readin OpenText Dimensions RM
allowsauthenticated users ...)
NOT-FOR-US: OpenText Dimensions RM
CVE-2024-5201 (Privilege Escalationin OpenText Dimensions RM allows an
authenticated ...)
@@ -89108,7 +89108,7 @@ CVE-2024-2874 (An issue has been discovered in GitLab
CE/EE affecting all versio
- gitlab 17.3.5-2
NOTE:
https://about.gitlab.com/releases/2024/05/22/patch-release-gitlab-17-0-1-released/
CVE-2024-4835 (A XSS condition exists within GitLab in versions 15.11 before
16.10.6, ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
NOTE:
https://about.gitlab.com/releases/2024/05/22/patch-release-gitlab-17-0-1-released/
CVE-2024-5196 (A vulnerability classified as critical has been found in Arris
VAP2500 ...)
NOT-FOR-US: Arris VAP2500
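Review bot: In the CVE-2024-4835 entry the NOTE points at the 17.0.1 patch release and the description speaks of versions "15.11 before 16.10.6", while the fixed version is recorded as 17.3.5-2, and nothing in the entry explains the gap. The neighbouring CVE-2024-2874 entry has the same NOTE and the same version, so this is consistent, but a short NOTE stating why 17.3.5-2 is the recorded version (rather than a version closer to the referenced patch release) would help anyone assessing intermediate versions.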
@@ -101934,9 +101934,9 @@ CVE-2024-4077 (Improper Neutralization of Input
During Web Page Generation ('Cro
CVE-2024-4035 (The Photo Gallery \u2013 GT3 Image Gallery & Gutenberg Block
Gallery p ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4024 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-4006 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-3994 (The Tutor LMS \u2013 eLearning and online course solution
plugin for W ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3733 (The Essential Addons for Elementor \u2013 Best Elementor
Templates, Wi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d6e6b2f21af40772ac3386621550dc3a4d7bfbf