Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6bc333f5 by Salvatore Bonaccorso at 2025-01-23T21:27:43+01:00
Update information on CVE-2024-5187/onnx
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61977,12 +61977,13 @@ CVE-2024-5206 (A sensitive data leakage vulnerability
was identified in scikit-l
CVE-2024-5188 (The Essential Addons for Elementor \u2013 Best Elementor
Templates, Wi ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5187 (A vulnerability in the `download_model_with_test_data` function
of the ...)
- - onnx <unfixed> (bug #1075852)
+ - onnx 1.16.2-1 (bug #1075852)
[bookworm] - onnx <no-dsa> (Minor issue)
[bullseye] - onnx <no-dsa> (Minor issue)
NOTE: https://huntr.com/bounties/50235ebd-3410-4ada-b064-1a648e11237e
NOTE: https://github.com/onnx/onnx/pull/6164
- NOTE:
https://github.com/onnx/onnx/commit/3fc3845edb048df559aa2a839e39e95503a0ee34
+ NOTE:
https://github.com/onnx/onnx/commit/3fc3845edb048df559aa2a839e39e95503a0ee34
(v1.17.0)
+ NOTE:
https://github.com/onnx/onnx/commit/84051888d0943883a0edbf683f68c05ca3b28c40
(v1.16.2)
CVE-2024-5186 (A Server-Side Request Forgery (SSRF) vulnerability exists in
the file ...)
NOT-FOR-US: privategpt
CVE-2024-5133 (In lunary-ai/lunary version 1.2.4, an account takeover
vulnerability e ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bc333f5fb2a3e5be329d25627187afd61ea29a0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bc333f5fb2a3e5be329d25627187afd61ea29a0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
