Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
87b263cc by Moritz Muehlenhoff at 2025-04-23T13:12:48+02:00
gitlab fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15464,7 +15464,7 @@ CVE-2025-1672 (The Notibar \u2013 Notification Bar for 
WordPress plugin for Word
 CVE-2025-1666 (The Cookie banner plugin for WordPress \u2013 Cookiebot CMP by 
Usercen ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-1540 (An issue has been discovered in GitLab CE/EE for Self-Managed 
and Dedi ...)
-       - gitlab <unfixed>
+       - gitlab 17.6.5-1
 CVE-2025-1383 (The Podlove Podcast Publisher plugin for WordPress is 
vulnerable to Cr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-0877 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
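
Review bot: the new "- gitlab 17.6.5-1" line under CVE-2025-1540 has no NOTE naming the upstream advisory or the upstream release that carries the fix, and the commit message ("gitlab fixed in sid") does not say either. A NOTE line with the upstream fixed version would let the next reader check the recorded version from the entry itself; the same gap applies to the other gitlab entries changed in this commit.
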
@@ -24280,7 +24280,7 @@ CVE-2025-1227 (A vulnerability was found in ywoa up to 
2024.07.03. It has been r
 CVE-2025-1226 (A vulnerability was found in ywoa up to 2024.07.03. It has been 
declar ...)
        NOT-FOR-US: ywoa
 CVE-2025-1198 (An issue discovered in GitLab CE/EE affecting all versions from 
16.11  ...)
-       - gitlab <unfixed>
+       - gitlab 17.6.5-1
 CVE-2025-1070 (CWE-434: Unrestricted Upload of File with Dangerous Type 
vulnerability ...)
        NOT-FOR-US: Schneider Electric
 CVE-2025-1060 (CWE-319: Cleartext Transmission of Sensitive Information 
vulnerability ...)
@@ -24318,7 +24318,7 @@ CVE-2025-0109 (An unauthenticated file deletion 
vulnerability in the Palo Alto N
 CVE-2025-0108 (An authentication bypass in the Palo Alto Networks PAN-OS 
software ena ...)
        NOT-FOR-US: Palo Alto Networks
 CVE-2024-8266 (An issue was discovered in GitLab CE/EE affecting all versions 
startin ...)
-       - gitlab <unfixed>
+       - gitlab 17.6.5-1
 CVE-2024-7102 (An issue was discovered in GitLab CE/EE affecting all versions 
startin ...)
        - gitlab 17.5.5-1
 CVE-2024-57605 (Cross Site Scripting vulnerability in Daylight Studio Fuel CMS 
v.1.5.2 ...)
@@ -24632,7 +24632,7 @@ CVE-2025-1214 (A vulnerability classified as critical 
has been found in pihome-s
 CVE-2025-1213 (A vulnerability was found in pihome-shc PiHome 1.77. It has 
been rated ...)
        NOT-FOR-US: pihome-shc PiHome
 CVE-2025-1212 (An information disclosure vulnerability in GitLab CE/EE 
affecting all  ...)
-       - gitlab <unfixed>
+       - gitlab 17.6.5-1
 CVE-2025-1210 (A vulnerability classified as critical was found in 
code-projects Wazi ...)
        NOT-FOR-US: code-projects Wazifa System
 CVE-2025-1209 (A vulnerability classified as problematic has been found in 
code-proje ...)
@@ -24740,7 +24740,7 @@ CVE-2024-12629 (In Progress\xae Telerik\xae KendoReact 
versions v3.5.0 through v
 CVE-2024-12386 (The WP Abstracts plugin for WordPress is vulnerable to 
Cross-Site Requ ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-12379 (A denial of service vulnerability in GitLab CE/EE affecting 
all versio ...)
-       - gitlab <unfixed>
+       - gitlab 17.6.5-1
 CVE-2024-12315 (The Export All Posts, Products, Orders, Refunds & Users plugin 
for Wor ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-12296 (The Apus Framework plugin for WordPress is vulnerable to 
unauthorized  ...)
@@ -26219,7 +26219,7 @@ CVE-2025-1082 (A vulnerability classified as 
problematic has been found in Minds
 CVE-2025-1081 (A vulnerability was found in Bharti Airtel Xstream Fiber up to 
2025012 ...)
        NOT-FOR-US: Bharti Airtel Xstream Fiber
 CVE-2025-1072 (A Denial of Service (DoS) issue has been discovered in GitLab 
CE/EE af ...)
-       - gitlab <unfixed>
+       - gitlab 17.5.5-1
 CVE-2025-1061 (The Nextend Social Login Pro plugin for WordPress is vulnerable 
to aut ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-1004 (Certain HP LaserJet Pro printers may potentially experience a 
denial o ...)
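
Review bot: CVE-2025-1072 is the only entry in this commit changed to "- gitlab 17.5.5-1"; every other gitlab line goes to 17.6.5-1. If the earlier upload really is the first fixed version, a short NOTE saying so would make clear this is not a typo; otherwise it should read 17.6.5-1 like the rest.
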
@@ -29968,7 +29968,7 @@ CVE-2025-0650 (A flaw was found in the Open Virtual 
Network (OVN). Specially cra
        NOTE: https://www.openwall.com/lists/oss-security/2025/01/22/5
        NOTE: 
https://github.com/ovn-org/ovn/commit/249c52ad011cacb4c182dc64e88977ac7c61f668 
(v24.09.2)
 CVE-2024-11931 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
-       - gitlab <unfixed>
+       - gitlab 17.6.5-1
 CVE-2025-0314 (An issue has been discovered in GitLab CE/EE affecting all 
versions fr ...)
        - gitlab 17.6.5-1
 CVE-2024-53299 (The request handling in the core in Apache Wicket 7.0.0 on any 
platfor ...)
@@ -39819,7 +39819,7 @@ CVE-2024-10862 (The NEX-Forms \u2013 Ultimate Form 
Builder \u2013 Contact forms
 CVE-2024-10858 (The Jetpack  WordPress plugin before 14.1 does not properly 
checks the ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-5117 (An issue was discovered in GitLab CE/EE affecting all versions 
before  ...)
-       - gitlab <unfixed>
+       - gitlab 17.6.5-1
        NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/398250
 CVE-2024-8721 (The Tracking Code Manager plugin for WordPress is vulnerable to 
Stored ...)
        NOT-FOR-US: WordPress plugin
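
Review bot: for CVE-2023-5117 the existing NOTE links the upstream issue but nothing records which upstream release fixed it, and the description is cut off at "all versions before ...". Since this is a 2023 identifier now marked fixed in 17.6.5-1, please confirm that this is the first fixed version in sid rather than just the current one, and add a NOTE with the upstream fixed release.
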



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87b263cc15c212e52a6b0eedc7c82fba8bc66254
