Salvatore Bonaccorso · Salvatore Bonaccorso · 5af3ebbb
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -308,18 +308,30 @@ CVE-2019-12447 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. dae
 	[jessie] - gvfs <not-affected> (Vulnerable code introduced later)
 	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/daf1163aba229afcfddf0f925aef7e97047e8959
 	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/3895e09d784ebec0fbc4614d5c37068736120e1d
-CVE-2019-12446
+CVE-2019-12446 [Repository Password Disclosed on Import Error Page]
 	RESERVED
-CVE-2019-12445
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12445 [Stored Cross-Site Scripting on Notes]
 	RESERVED
-CVE-2019-12444
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12444 [Stored Cross-Site Scripting on Wiki Pages]
 	RESERVED
-CVE-2019-12443
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12443 [Server-Side Request Forgery Through DNS Rebinding]
 	RESERVED
-CVE-2019-12442
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12442 [Stored Cross-Site Scripting Vulnerability on Child Epics]
 	RESERVED
-CVE-2019-12441
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12441 [Protected Branches Restriction Rules Bypass]
 	RESERVED
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12440 (The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauth ...)
 	TODO: check
 CVE-2019-12438
@@ -330,20 +342,34 @@ CVE-2019-12436
 	RESERVED
 CVE-2019-12435
 	RESERVED
-CVE-2019-12434
+CVE-2019-12434 [Private Project Discovery via Comment Links]
 	RESERVED
-CVE-2019-12433
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12433 [Internal Projects Allowed to Be Created on in Private Groups]
 	RESERVED
-CVE-2019-12432
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12432 [Confidential Issue Titles Revealed to Restricted Users on Unsubscribe]
 	RESERVED
-CVE-2019-12431
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12431 [Disclosure of Milestone Metadata through the Search API]
 	RESERVED
-CVE-2019-12430
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12430 [Remote Command Execution Vulnerability on Repository Download Feature]
 	RESERVED
-CVE-2019-12429
+	- gitlab <not-affected> (Only affects 11.11)
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12429 [Metadata of Confidential Issues Disclosed to Restricted Users]
 	RESERVED
-CVE-2019-12428
+	- gitlab <not-affected> (Only affects 11.9 and later)
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
+CVE-2019-12428 [Mandatory External Authentication Provider Sign-In Restrictions Bypass]
 	RESERVED
+	- gitlab <unfixed>
+	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12427
 	RESERVED
 CVE-2019-12426