[Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2024-5187
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 4 07:54:36 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ffb6917d by Salvatore Bonaccorso at 2024-07-04T08:51:26+02:00
Add commit reference for CVE-2024-5187
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7142,6 +7142,7 @@ CVE-2024-5187 (A vulnerability in the `download_model_with_test_data` function o
[bullseye] - onnx <no-dsa> (Minor issue)
NOTE: https://huntr.com/bounties/50235ebd-3410-4ada-b064-1a648e11237e
NOTE: https://github.com/onnx/onnx/pull/6164
+ NOTE: https://github.com/onnx/onnx/commit/3fc3845edb048df559aa2a839e39e95503a0ee34
CVE-2024-5186 (A Server-Side Request Forgery (SSRF) vulnerability exists in the file ...)
NOT-FOR-US: privategpt
CVE-2024-5133 (In lunary-ai/lunary version 1.2.4, an account takeover vulnerability e ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffb6917dba531e8221050913c2dd137b939b7cc1
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffb6917dba531e8221050913c2dd137b939b7cc1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240704/4daf5112/attachment.htm>
More information about the debian-security-tracker-commits
mailing list