[Git][security-tracker-team/security-tracker][master] Add CVE-2024-27322/r-base

Mon Apr 29 22:31:02 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aaa32c18 by Salvatore Bonaccorso at 2024-04-29T23:30:06+02:00
Add CVE-2024-27322/r-base

Needs some additional review for assessment.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -105,7 +105,9 @@ CVE-2024-28961 (Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a
 CVE-2024-28320 (Insecure Direct Object References (IDOR) vulnerability in Hospital Man ...)
 	TODO: check
 CVE-2024-27322 (Deserialization of untrusted data can occur in the R statistical progr ...)
-	TODO: check
+	- r-base 4.4.0-2
+	NOTE: https://hiddenlayer.com/research/r-bitrary-code-execution/
+	NOTE: https://kb.cert.org/vuls/id/238194
 CVE-2024-23995 (Cross Site Scripting (XSS) in Beekeeper Studio 4.1.13 and earlier allo ...)
 	TODO: check
 CVE-2024-1969 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaa32c18b8ff194e31af3499eae15470ea0669b6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaa32c18b8ff194e31af3499eae15470ea0669b6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240429/9b0322fe/attachment.htm>
