Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e029fae7 by Moritz Mühlenhoff at 2025-02-02T15:01:51+01:00
track ollama ITP
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27259,13 +27259,13 @@ CVE-2024-42835 (langflow v1.0.12 was discovered to
contain a remote code executi
CVE-2024-42515 (Glossarizer through 1.5.2 improperly tries to convert text
into HTML. ...)
NOT-FOR-US: Glossarizer
CVE-2024-39722 (An issue was discovered in Ollama before 0.1.46. It exposes
which file ...)
- NOT-FOR-US: Ollama
+ - ollama <itp> (bug #1094806)
CVE-2024-39721 (An issue was discovered in Ollama before 0.1.34. The
CreateModelHandle ...)
- NOT-FOR-US: Ollama
+ - ollama <itp> (bug #1094806)
CVE-2024-39720 (An issue was discovered in Ollama before 0.1.46. An attacker
can use t ...)
- NOT-FOR-US: Ollama
+ - ollama <itp> (bug #1094806)
CVE-2024-39719 (An issue was discovered in Ollama through 0.3.14. File
existence discl ...)
- NOT-FOR-US: Ollama
+ - ollama <itp> (bug #1094806)
CVE-2024-39332 (Webswing 23.2.2 allows remote attackers to modify client-side
JavaScri ...)
NOT-FOR-US: Webswing
CVE-2024-30149 (HCL AppScan Source <= 10.6.0 does not properly validate a
TLS/SSL cert ...)
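Review bot: CVE-2024-39719 is the one entry in this hunk whose description reads "through 0.3.14" rather than "before X", so it has no stated fix version and should not be closed together with the other three when the ITP (bug #1094806) turns into an upload. Suggest checking it separately against the uploaded version; CVE-2024-39722, CVE-2024-39721 and CVE-2024-39720 are bounded by 0.1.46, 0.1.34 and 0.1.46 respectively.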
@@ -42822,7 +42822,7 @@ CVE-2024-4428 (Improper Privilege Management
vulnerability in Menulux Informatio
CVE-2024-45440 (core/authorize.php in Drupal 11.x-dev allows Full Path
Disclosure (eve ...)
- drupal7 <removed>
CVE-2024-45436 (extractFromZipFile in model.go in Ollama before 0.1.47 can
extract mem ...)
- NOT-FOR-US: Ollama
+ - ollama <itp> (bug #1094806)
CVE-2024-45435 (Chartist 1.x through 1.3.0 allows Prototype Pollution via the
extend f ...)
NOT-FOR-US: Chartist
CVE-2024-45233 (An issue was discovered in powermail extension through 12.3.5
for TYPO ...)
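Review bot: CVE-2024-45436 carries the highest "before" bound of the Ollama entries in this commit (0.1.47, against 0.1.46, 0.1.34 and 0.1.29 in the other hunks), so it is the entry that decides whether a first upload already contains all the bounded fixes. Worth noting that on bug #1094806 so the `<itp>` lines can be replaced with a fixed version in one pass once the package is uploaded.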
@@ -65583,7 +65583,7 @@ CVE-2024-4376 (The Premium Addons for Elementor plugin
for WordPress is vulnerab
CVE-2024-4205 (The Premium Addons for Elementor plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37032 (Ollama before 0.1.34 does not validate the format of the
digest (sha25 ...)
- NOT-FOR-US: Ollama
+ - ollama <itp> (bug #1094806)
CVE-2024-37018 (The OpenDaylight 0.15.3 controller allows topology poisoning
via API r ...)
NOT-FOR-US: OpenDaylight
CVE-2024-37017 (asdcplib (aka AS-DCP Lib) 2.13.1 has a heap-based buffer
over-read in ...)
@@ -86380,7 +86380,7 @@ CVE-2024-28732 (An issue was discovered in OFPMatch in
parser.py in Faucet SDN R
CVE-2024-28270 (An issue discovered in web-flash v3.0 allows attackers to
reset passwo ...)
NOT-FOR-US: web-flash
CVE-2024-28224 (Ollama before 0.1.29 has a DNS rebinding vulnerability that
can inadve ...)
- NOT-FOR-US: Ollama
+ - ollama <itp> (bug #1094806)
CVE-2024-28066 (In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are
used (a h ...)
NOT-FOR-US: Unify CP IP Phone firmware
CVE-2024-27897 (Input verification vulnerability in the call module. Impact:
Successfu ...)
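Review bot: The change at CVE-2024-28224, like the other hunks, only touches CVE-2024-* ids, and nothing visible here shows whether Ollama entries for other years were checked. Suggest searching data/CVE/list for any remaining `NOT-FOR-US: Ollama` lines so the package is not tracked under two different states.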
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e029fae7dbc4495dd6cca4abfef3dccf934a71aa
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits