[Git][security-tracker-team/security-tracker][master] new kubernetes issue

Thu, 27 Mar 2025 17:02:00 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0521571e by Moritz Muehlenhoff at 2025-03-21T08:37:35+01:00
new kubernetes issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -366,7 +366,11 @@ CVE-2024-7764 (Vanna-ai v0.6.2 is vulnerable to SQL 
Injection due to insufficien
 CVE-2024-7760 (aimhubio/aim version 3.22.0 contains a Cross-Site Request 
Forgery (CSR ...)
        NOT-FOR-US: aimhubio/aim
 CVE-2024-7598 (A security issue was discovered in Kubernetes where a malicious 
or com ...)
-       TODO: check
+       - kubernetes 1.20.5+really1.20.2-1
+       NOTE: Server components no longer built since 1.20.5+really1.20.2-1, 
marking that as fixed version
+       NOTE: The source package itself it still vulnerable, but custom 
rebuilds are not really a usecase here
+       NOTE: https://github.com/kubernetes/kubernetes/issues/126587
+       NOTE: 
https://groups.google.com/g/kubernetes-security-announce/c/67D7UFqiPRc
 CVE-2024-7476 (A broken access control vulnerability exists in 
lunary-ai/lunary versi ...)
        NOT-FOR-US: lunary-ai/lunary
 CVE-2024-7058 (A vulnerability in the sanitize_path function in 
parisneo/lollms-webui ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0521571ed4461a1edb3006ee961c604cb0b0094c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0521571ed4461a1edb3006ee961c604cb0b0094c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to