Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6412586a by Moritz Muehlenhoff at 2024-02-26T11:40:51+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
CVE-2024-27456 (rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666
permissions for th ...)
TODO: check
CVE-2024-27455 (In the Bentley ALIM Web application, certain configuration
settings ca ...)
- TODO: check
+ NOT-FOR-US: Bentley
CVE-2024-27454 (orjson.loads in orjson before 3.9.15 does not limit recursion
for deep ...)
- TODO: check
+ - python-orjson <itp> (bug #1002996)
CVE-2024-27447 (pretix before 2024.1.1 mishandles file validation.)
- TODO: check
+ NOT-FOR-US: pretix
CVE-2024-27444 (langchain_experimental (aka LangChain Experimental) in
LangChain befor ...)
- TODO: check
+ NOT-FOR-US: langchain_experimental
CVE-2024-1886 (This vulnerability allows remote attackers to traverse the
directory o ...)
- TODO: check
+ NOT-FOR-US: LG Electronics
CVE-2024-1885 (This vulnerability allows remote attackers to execute arbitrary
code o ...)
- TODO: check
+ NOT-FOR-US: LG Electronics
CVE-2024-1878 (A vulnerability was found in SourceCodester Employee Management
System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-1877 (A vulnerability was found in SourceCodester Employee Management
System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-1876 (A vulnerability was found in SourceCodester Employee Management
System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-1875 (A vulnerability was found in SourceCodester Complaint
Management Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-1735 (A vulnerability has been identified in armeria-saml versions
less than ...)
- TODO: check
+ NOT-FOR-US: armeria-saml
CVE-2024-0798 (A user with a `default` role given to them by the admin can
sent `DELE ...)
- TODO: check
+ NOT-FOR-US: mintplex-labs/anything-llm
CVE-2024-0455 (The inclusion of the web scraper for AnythingLLM means that any
user w ...)
- TODO: check
+ NOT-FOR-US: mintplex-labs/anything-llm
CVE-2024-0440 (Attacker, with permission to submit a link or submits a link
via POST ...)
- TODO: check
+ NOT-FOR-US: mintplex-labs/anything-llm
CVE-2024-0439 (As a manager, you should not be able to modify a series of
settings. I ...)
- TODO: check
+ NOT-FOR-US: mintplex-labs/anything-llm
CVE-2024-0436 (Theoretically, it would be possible for an attacker to
brute-force the ...)
- TODO: check
+ NOT-FOR-US: mintplex-labs/anything-llm
CVE-2024-0435 (User can send a chat that contains an XSS opportunity that will
then r ...)
- TODO: check
+ NOT-FOR-US: mintplex-labs/anything-llm
CVE-2022-48626 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 5.16.10-1
[buster] - linux 4.19.232-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6412586a434839acfec2825a1ee7b18419407952
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6412586a434839acfec2825a1ee7b18419407952
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
