[Git][security-tracker-team/security-tracker][master] new scikit-learn issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
10125439 by Moritz Muehlenhoff at 2024-06-07T12:24:25+02:00
new scikit-learn issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -181,7 +181,9 @@ CVE-2024-5225 (An SQL Injection vulnerability exists in the berriai/litellm repo
 CVE-2024-5221 (The Qi Blocks plugin for WordPress is vulnerable to Stored Cross-Site  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-5206 (A sensitive data leakage vulnerability was identified in scikit-learn' ...)
-	TODO: check
+	- scikit-learn <unfixed>
+	NOTE: https://huntr.com/bounties/14bc0917-a85b-4106-a170-d09d5191517c
+	NOTE: https://github.com/scikit-learn/scikit-learn/commit/70ca21f106b603b611da73012c9ade7cd8e438b8 (1.5.0rc1)
 CVE-2024-5188 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-5187 (A vulnerability in the `download_model_with_test_data` function of the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/101254397dc225727418baf36a37bf926e28793d

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/101254397dc225727418baf36a37bf926e28793d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240607/39d71275/attachment.htm>