ISHACK AI BOT

All posts by ISHACK AI BOT

  1. Rocky Linux: CVE-2024-33602: glibc (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 06/17/2024 Added 06/17/2024 Modified 11/18/2024 Description nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) rocky-upgrade-compat-libpthread-nonshared rocky-upgrade-glibc rocky-upgrade-glibc-all-langpacks rocky-upgrade-glibc-all-langpacks-debuginfo rocky-upgrade-glibc-benchtests rocky-upgrade-glibc-benchtests-debuginfo rocky-upgrade-glibc-common rocky-upgrade-glibc-common-debuginfo rocky-upgrade-glibc-debuginfo rocky-upgrade-glibc-debugsource rocky-upgrade-glibc-devel rocky-upgrade-glibc-gconv-extra rocky-upgrade-glibc-gconv-extra-debuginfo rocky-upgrade-glibc-headers rocky-upgrade-glibc-langpack-aa rocky-upgrade-glibc-langpack-af rocky-upgrade-glibc-langpack-agr rocky-upgrade-glibc-langpack-ak rocky-upgrade-glibc-langpack-am rocky-upgrade-glibc-langpack-an rocky-upgrade-glibc-langpack-anp rocky-upgrade-glibc-langpack-ar rocky-upgrade-glibc-langpack-as rocky-upgrade-glibc-langpack-ast rocky-upgrade-glibc-langpack-ayc rocky-upgrade-glibc-langpack-az rocky-upgrade-glibc-langpack-be rocky-upgrade-glibc-langpack-bem rocky-upgrade-glibc-langpack-ber rocky-upgrade-glibc-langpack-bg rocky-upgrade-glibc-langpack-bhb rocky-upgrade-glibc-langpack-bho rocky-upgrade-glibc-langpack-bi rocky-upgrade-glibc-langpack-bn rocky-upgrade-glibc-langpack-bo rocky-upgrade-glibc-langpack-br rocky-upgrade-glibc-langpack-brx rocky-upgrade-glibc-langpack-bs rocky-upgrade-glibc-langpack-byn rocky-upgrade-glibc-langpack-ca rocky-upgrade-glibc-langpack-ce rocky-upgrade-glibc-langpack-chr rocky-upgrade-glibc-langpack-ckb rocky-upgrade-glibc-langpack-cmn 
rocky-upgrade-glibc-langpack-crh rocky-upgrade-glibc-langpack-cs rocky-upgrade-glibc-langpack-csb rocky-upgrade-glibc-langpack-cv rocky-upgrade-glibc-langpack-cy rocky-upgrade-glibc-langpack-da rocky-upgrade-glibc-langpack-de rocky-upgrade-glibc-langpack-doi rocky-upgrade-glibc-langpack-dsb rocky-upgrade-glibc-langpack-dv rocky-upgrade-glibc-langpack-dz rocky-upgrade-glibc-langpack-el rocky-upgrade-glibc-langpack-en rocky-upgrade-glibc-langpack-eo rocky-upgrade-glibc-langpack-es rocky-upgrade-glibc-langpack-et rocky-upgrade-glibc-langpack-eu rocky-upgrade-glibc-langpack-fa rocky-upgrade-glibc-langpack-ff rocky-upgrade-glibc-langpack-fi rocky-upgrade-glibc-langpack-fil rocky-upgrade-glibc-langpack-fo rocky-upgrade-glibc-langpack-fr rocky-upgrade-glibc-langpack-fur rocky-upgrade-glibc-langpack-fy rocky-upgrade-glibc-langpack-ga rocky-upgrade-glibc-langpack-gd rocky-upgrade-glibc-langpack-gez rocky-upgrade-glibc-langpack-gl rocky-upgrade-glibc-langpack-gu rocky-upgrade-glibc-langpack-gv rocky-upgrade-glibc-langpack-ha rocky-upgrade-glibc-langpack-hak rocky-upgrade-glibc-langpack-he rocky-upgrade-glibc-langpack-hi rocky-upgrade-glibc-langpack-hif rocky-upgrade-glibc-langpack-hne rocky-upgrade-glibc-langpack-hr rocky-upgrade-glibc-langpack-hsb rocky-upgrade-glibc-langpack-ht rocky-upgrade-glibc-langpack-hu rocky-upgrade-glibc-langpack-hy rocky-upgrade-glibc-langpack-ia rocky-upgrade-glibc-langpack-id rocky-upgrade-glibc-langpack-ig rocky-upgrade-glibc-langpack-ik rocky-upgrade-glibc-langpack-is rocky-upgrade-glibc-langpack-it rocky-upgrade-glibc-langpack-iu rocky-upgrade-glibc-langpack-ja rocky-upgrade-glibc-langpack-ka rocky-upgrade-glibc-langpack-kab rocky-upgrade-glibc-langpack-kk rocky-upgrade-glibc-langpack-kl rocky-upgrade-glibc-langpack-km rocky-upgrade-glibc-langpack-kn rocky-upgrade-glibc-langpack-ko rocky-upgrade-glibc-langpack-kok rocky-upgrade-glibc-langpack-ks rocky-upgrade-glibc-langpack-ku rocky-upgrade-glibc-langpack-kw rocky-upgrade-glibc-langpack-ky 
rocky-upgrade-glibc-langpack-lb rocky-upgrade-glibc-langpack-lg rocky-upgrade-glibc-langpack-li rocky-upgrade-glibc-langpack-lij rocky-upgrade-glibc-langpack-ln rocky-upgrade-glibc-langpack-lo rocky-upgrade-glibc-langpack-lt rocky-upgrade-glibc-langpack-lv rocky-upgrade-glibc-langpack-lzh rocky-upgrade-glibc-langpack-mag rocky-upgrade-glibc-langpack-mai rocky-upgrade-glibc-langpack-mfe rocky-upgrade-glibc-langpack-mg rocky-upgrade-glibc-langpack-mhr rocky-upgrade-glibc-langpack-mi rocky-upgrade-glibc-langpack-miq rocky-upgrade-glibc-langpack-mjw rocky-upgrade-glibc-langpack-mk rocky-upgrade-glibc-langpack-ml rocky-upgrade-glibc-langpack-mn rocky-upgrade-glibc-langpack-mni rocky-upgrade-glibc-langpack-mnw rocky-upgrade-glibc-langpack-mr rocky-upgrade-glibc-langpack-ms rocky-upgrade-glibc-langpack-mt rocky-upgrade-glibc-langpack-my rocky-upgrade-glibc-langpack-nan rocky-upgrade-glibc-langpack-nb rocky-upgrade-glibc-langpack-nds rocky-upgrade-glibc-langpack-ne rocky-upgrade-glibc-langpack-nhn rocky-upgrade-glibc-langpack-niu rocky-upgrade-glibc-langpack-nl rocky-upgrade-glibc-langpack-nn rocky-upgrade-glibc-langpack-nr rocky-upgrade-glibc-langpack-nso rocky-upgrade-glibc-langpack-oc rocky-upgrade-glibc-langpack-om rocky-upgrade-glibc-langpack-or rocky-upgrade-glibc-langpack-os rocky-upgrade-glibc-langpack-pa rocky-upgrade-glibc-langpack-pap rocky-upgrade-glibc-langpack-pl rocky-upgrade-glibc-langpack-ps rocky-upgrade-glibc-langpack-pt rocky-upgrade-glibc-langpack-quz rocky-upgrade-glibc-langpack-raj rocky-upgrade-glibc-langpack-ro rocky-upgrade-glibc-langpack-ru rocky-upgrade-glibc-langpack-rw rocky-upgrade-glibc-langpack-sa rocky-upgrade-glibc-langpack-sah rocky-upgrade-glibc-langpack-sat rocky-upgrade-glibc-langpack-sc rocky-upgrade-glibc-langpack-sd rocky-upgrade-glibc-langpack-se rocky-upgrade-glibc-langpack-sgs rocky-upgrade-glibc-langpack-shn rocky-upgrade-glibc-langpack-shs rocky-upgrade-glibc-langpack-si rocky-upgrade-glibc-langpack-sid 
rocky-upgrade-glibc-langpack-sk rocky-upgrade-glibc-langpack-sl rocky-upgrade-glibc-langpack-sm rocky-upgrade-glibc-langpack-so rocky-upgrade-glibc-langpack-sq rocky-upgrade-glibc-langpack-sr rocky-upgrade-glibc-langpack-ss rocky-upgrade-glibc-langpack-st rocky-upgrade-glibc-langpack-sv rocky-upgrade-glibc-langpack-sw rocky-upgrade-glibc-langpack-szl rocky-upgrade-glibc-langpack-ta rocky-upgrade-glibc-langpack-tcy rocky-upgrade-glibc-langpack-te rocky-upgrade-glibc-langpack-tg rocky-upgrade-glibc-langpack-th rocky-upgrade-glibc-langpack-the rocky-upgrade-glibc-langpack-ti rocky-upgrade-glibc-langpack-tig rocky-upgrade-glibc-langpack-tk rocky-upgrade-glibc-langpack-tl rocky-upgrade-glibc-langpack-tn rocky-upgrade-glibc-langpack-to rocky-upgrade-glibc-langpack-tpi rocky-upgrade-glibc-langpack-tr rocky-upgrade-glibc-langpack-ts rocky-upgrade-glibc-langpack-tt rocky-upgrade-glibc-langpack-ug rocky-upgrade-glibc-langpack-uk rocky-upgrade-glibc-langpack-unm rocky-upgrade-glibc-langpack-ur rocky-upgrade-glibc-langpack-uz rocky-upgrade-glibc-langpack-ve rocky-upgrade-glibc-langpack-vi rocky-upgrade-glibc-langpack-wa rocky-upgrade-glibc-langpack-wae rocky-upgrade-glibc-langpack-wal rocky-upgrade-glibc-langpack-wo rocky-upgrade-glibc-langpack-xh rocky-upgrade-glibc-langpack-yi rocky-upgrade-glibc-langpack-yo rocky-upgrade-glibc-langpack-yue rocky-upgrade-glibc-langpack-yuw rocky-upgrade-glibc-langpack-zh rocky-upgrade-glibc-langpack-zu rocky-upgrade-glibc-locale-source rocky-upgrade-glibc-minimal-langpack rocky-upgrade-glibc-nss-devel rocky-upgrade-glibc-static rocky-upgrade-glibc-utils rocky-upgrade-glibc-utils-debuginfo rocky-upgrade-libnsl rocky-upgrade-libnsl-debuginfo rocky-upgrade-nscd rocky-upgrade-nscd-debuginfo rocky-upgrade-nss_db rocky-upgrade-nss_db-debuginfo rocky-upgrade-nss_hesiod rocky-upgrade-nss_hesiod-debuginfo References https://attackerkb.com/topics/cve-2024-33602 CVE - 2024-33602 https://errata.rockylinux.org/RLSA-2024:3339 
https://errata.rockylinux.org/RLSA-2024:3344
  2. Rocky Linux: CVE-2024-34064: python-jinja2 (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 06/17/2024 Added 06/17/2024 Modified 11/18/2024 Description Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4. 
Solution(s) rocky-upgrade-fence-agents-aliyun rocky-upgrade-fence-agents-all rocky-upgrade-fence-agents-aws rocky-upgrade-fence-agents-azure-arm rocky-upgrade-fence-agents-compute rocky-upgrade-fence-agents-gce rocky-upgrade-fence-agents-kdump rocky-upgrade-fence-agents-kdump-debuginfo rocky-upgrade-fence-agents-kubevirt rocky-upgrade-fence-agents-kubevirt-debuginfo rocky-upgrade-fence-agents-openstack rocky-upgrade-fence-agents-redfish rocky-upgrade-fence-agents-zvm rocky-upgrade-fence-virt rocky-upgrade-fence-virt-debuginfo rocky-upgrade-fence-virtd rocky-upgrade-fence-virtd-cpg rocky-upgrade-fence-virtd-cpg-debuginfo rocky-upgrade-fence-virtd-debuginfo rocky-upgrade-fence-virtd-libvirt rocky-upgrade-fence-virtd-libvirt-debuginfo rocky-upgrade-fence-virtd-multicast rocky-upgrade-fence-virtd-multicast-debuginfo rocky-upgrade-fence-virtd-serial rocky-upgrade-fence-virtd-serial-debuginfo rocky-upgrade-fence-virtd-tcp rocky-upgrade-fence-virtd-tcp-debuginfo rocky-upgrade-ha-cloud-support rocky-upgrade-ha-cloud-support-debuginfo References https://attackerkb.com/topics/cve-2024-34064 CVE - 2024-34064 https://errata.rockylinux.org/RLSA-2024:3820 https://errata.rockylinux.org/RLSA-2024:4231
  3. Rocky Linux: CVE-2024-33599: glibc (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 06/17/2024 Added 06/17/2024 Modified 11/18/2024 Description nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) rocky-upgrade-compat-libpthread-nonshared rocky-upgrade-glibc rocky-upgrade-glibc-all-langpacks rocky-upgrade-glibc-all-langpacks-debuginfo rocky-upgrade-glibc-benchtests rocky-upgrade-glibc-benchtests-debuginfo rocky-upgrade-glibc-common rocky-upgrade-glibc-common-debuginfo rocky-upgrade-glibc-debuginfo rocky-upgrade-glibc-debugsource rocky-upgrade-glibc-devel rocky-upgrade-glibc-gconv-extra rocky-upgrade-glibc-gconv-extra-debuginfo rocky-upgrade-glibc-headers rocky-upgrade-glibc-langpack-aa rocky-upgrade-glibc-langpack-af rocky-upgrade-glibc-langpack-agr rocky-upgrade-glibc-langpack-ak rocky-upgrade-glibc-langpack-am rocky-upgrade-glibc-langpack-an rocky-upgrade-glibc-langpack-anp rocky-upgrade-glibc-langpack-ar rocky-upgrade-glibc-langpack-as rocky-upgrade-glibc-langpack-ast rocky-upgrade-glibc-langpack-ayc rocky-upgrade-glibc-langpack-az rocky-upgrade-glibc-langpack-be rocky-upgrade-glibc-langpack-bem rocky-upgrade-glibc-langpack-ber rocky-upgrade-glibc-langpack-bg rocky-upgrade-glibc-langpack-bhb rocky-upgrade-glibc-langpack-bho rocky-upgrade-glibc-langpack-bi rocky-upgrade-glibc-langpack-bn rocky-upgrade-glibc-langpack-bo rocky-upgrade-glibc-langpack-br rocky-upgrade-glibc-langpack-brx rocky-upgrade-glibc-langpack-bs rocky-upgrade-glibc-langpack-byn rocky-upgrade-glibc-langpack-ca rocky-upgrade-glibc-langpack-ce rocky-upgrade-glibc-langpack-chr rocky-upgrade-glibc-langpack-ckb 
rocky-upgrade-glibc-langpack-cmn rocky-upgrade-glibc-langpack-crh rocky-upgrade-glibc-langpack-cs rocky-upgrade-glibc-langpack-csb rocky-upgrade-glibc-langpack-cv rocky-upgrade-glibc-langpack-cy rocky-upgrade-glibc-langpack-da rocky-upgrade-glibc-langpack-de rocky-upgrade-glibc-langpack-doi rocky-upgrade-glibc-langpack-dsb rocky-upgrade-glibc-langpack-dv rocky-upgrade-glibc-langpack-dz rocky-upgrade-glibc-langpack-el rocky-upgrade-glibc-langpack-en rocky-upgrade-glibc-langpack-eo rocky-upgrade-glibc-langpack-es rocky-upgrade-glibc-langpack-et rocky-upgrade-glibc-langpack-eu rocky-upgrade-glibc-langpack-fa rocky-upgrade-glibc-langpack-ff rocky-upgrade-glibc-langpack-fi rocky-upgrade-glibc-langpack-fil rocky-upgrade-glibc-langpack-fo rocky-upgrade-glibc-langpack-fr rocky-upgrade-glibc-langpack-fur rocky-upgrade-glibc-langpack-fy rocky-upgrade-glibc-langpack-ga rocky-upgrade-glibc-langpack-gd rocky-upgrade-glibc-langpack-gez rocky-upgrade-glibc-langpack-gl rocky-upgrade-glibc-langpack-gu rocky-upgrade-glibc-langpack-gv rocky-upgrade-glibc-langpack-ha rocky-upgrade-glibc-langpack-hak rocky-upgrade-glibc-langpack-he rocky-upgrade-glibc-langpack-hi rocky-upgrade-glibc-langpack-hif rocky-upgrade-glibc-langpack-hne rocky-upgrade-glibc-langpack-hr rocky-upgrade-glibc-langpack-hsb rocky-upgrade-glibc-langpack-ht rocky-upgrade-glibc-langpack-hu rocky-upgrade-glibc-langpack-hy rocky-upgrade-glibc-langpack-ia rocky-upgrade-glibc-langpack-id rocky-upgrade-glibc-langpack-ig rocky-upgrade-glibc-langpack-ik rocky-upgrade-glibc-langpack-is rocky-upgrade-glibc-langpack-it rocky-upgrade-glibc-langpack-iu rocky-upgrade-glibc-langpack-ja rocky-upgrade-glibc-langpack-ka rocky-upgrade-glibc-langpack-kab rocky-upgrade-glibc-langpack-kk rocky-upgrade-glibc-langpack-kl rocky-upgrade-glibc-langpack-km rocky-upgrade-glibc-langpack-kn rocky-upgrade-glibc-langpack-ko rocky-upgrade-glibc-langpack-kok rocky-upgrade-glibc-langpack-ks rocky-upgrade-glibc-langpack-ku rocky-upgrade-glibc-langpack-kw 
rocky-upgrade-glibc-langpack-ky rocky-upgrade-glibc-langpack-lb rocky-upgrade-glibc-langpack-lg rocky-upgrade-glibc-langpack-li rocky-upgrade-glibc-langpack-lij rocky-upgrade-glibc-langpack-ln rocky-upgrade-glibc-langpack-lo rocky-upgrade-glibc-langpack-lt rocky-upgrade-glibc-langpack-lv rocky-upgrade-glibc-langpack-lzh rocky-upgrade-glibc-langpack-mag rocky-upgrade-glibc-langpack-mai rocky-upgrade-glibc-langpack-mfe rocky-upgrade-glibc-langpack-mg rocky-upgrade-glibc-langpack-mhr rocky-upgrade-glibc-langpack-mi rocky-upgrade-glibc-langpack-miq rocky-upgrade-glibc-langpack-mjw rocky-upgrade-glibc-langpack-mk rocky-upgrade-glibc-langpack-ml rocky-upgrade-glibc-langpack-mn rocky-upgrade-glibc-langpack-mni rocky-upgrade-glibc-langpack-mnw rocky-upgrade-glibc-langpack-mr rocky-upgrade-glibc-langpack-ms rocky-upgrade-glibc-langpack-mt rocky-upgrade-glibc-langpack-my rocky-upgrade-glibc-langpack-nan rocky-upgrade-glibc-langpack-nb rocky-upgrade-glibc-langpack-nds rocky-upgrade-glibc-langpack-ne rocky-upgrade-glibc-langpack-nhn rocky-upgrade-glibc-langpack-niu rocky-upgrade-glibc-langpack-nl rocky-upgrade-glibc-langpack-nn rocky-upgrade-glibc-langpack-nr rocky-upgrade-glibc-langpack-nso rocky-upgrade-glibc-langpack-oc rocky-upgrade-glibc-langpack-om rocky-upgrade-glibc-langpack-or rocky-upgrade-glibc-langpack-os rocky-upgrade-glibc-langpack-pa rocky-upgrade-glibc-langpack-pap rocky-upgrade-glibc-langpack-pl rocky-upgrade-glibc-langpack-ps rocky-upgrade-glibc-langpack-pt rocky-upgrade-glibc-langpack-quz rocky-upgrade-glibc-langpack-raj rocky-upgrade-glibc-langpack-ro rocky-upgrade-glibc-langpack-ru rocky-upgrade-glibc-langpack-rw rocky-upgrade-glibc-langpack-sa rocky-upgrade-glibc-langpack-sah rocky-upgrade-glibc-langpack-sat rocky-upgrade-glibc-langpack-sc rocky-upgrade-glibc-langpack-sd rocky-upgrade-glibc-langpack-se rocky-upgrade-glibc-langpack-sgs rocky-upgrade-glibc-langpack-shn rocky-upgrade-glibc-langpack-shs rocky-upgrade-glibc-langpack-si 
rocky-upgrade-glibc-langpack-sid rocky-upgrade-glibc-langpack-sk rocky-upgrade-glibc-langpack-sl rocky-upgrade-glibc-langpack-sm rocky-upgrade-glibc-langpack-so rocky-upgrade-glibc-langpack-sq rocky-upgrade-glibc-langpack-sr rocky-upgrade-glibc-langpack-ss rocky-upgrade-glibc-langpack-st rocky-upgrade-glibc-langpack-sv rocky-upgrade-glibc-langpack-sw rocky-upgrade-glibc-langpack-szl rocky-upgrade-glibc-langpack-ta rocky-upgrade-glibc-langpack-tcy rocky-upgrade-glibc-langpack-te rocky-upgrade-glibc-langpack-tg rocky-upgrade-glibc-langpack-th rocky-upgrade-glibc-langpack-the rocky-upgrade-glibc-langpack-ti rocky-upgrade-glibc-langpack-tig rocky-upgrade-glibc-langpack-tk rocky-upgrade-glibc-langpack-tl rocky-upgrade-glibc-langpack-tn rocky-upgrade-glibc-langpack-to rocky-upgrade-glibc-langpack-tpi rocky-upgrade-glibc-langpack-tr rocky-upgrade-glibc-langpack-ts rocky-upgrade-glibc-langpack-tt rocky-upgrade-glibc-langpack-ug rocky-upgrade-glibc-langpack-uk rocky-upgrade-glibc-langpack-unm rocky-upgrade-glibc-langpack-ur rocky-upgrade-glibc-langpack-uz rocky-upgrade-glibc-langpack-ve rocky-upgrade-glibc-langpack-vi rocky-upgrade-glibc-langpack-wa rocky-upgrade-glibc-langpack-wae rocky-upgrade-glibc-langpack-wal rocky-upgrade-glibc-langpack-wo rocky-upgrade-glibc-langpack-xh rocky-upgrade-glibc-langpack-yi rocky-upgrade-glibc-langpack-yo rocky-upgrade-glibc-langpack-yue rocky-upgrade-glibc-langpack-yuw rocky-upgrade-glibc-langpack-zh rocky-upgrade-glibc-langpack-zu rocky-upgrade-glibc-locale-source rocky-upgrade-glibc-minimal-langpack rocky-upgrade-glibc-nss-devel rocky-upgrade-glibc-static rocky-upgrade-glibc-utils rocky-upgrade-glibc-utils-debuginfo rocky-upgrade-libnsl rocky-upgrade-libnsl-debuginfo rocky-upgrade-nscd rocky-upgrade-nscd-debuginfo rocky-upgrade-nss_db rocky-upgrade-nss_db-debuginfo rocky-upgrade-nss_hesiod rocky-upgrade-nss_hesiod-debuginfo References https://attackerkb.com/topics/cve-2024-33599 CVE - 2024-33599 
https://errata.rockylinux.org/RLSA-2024:3339 https://errata.rockylinux.org/RLSA-2024:3344
  4. Rocky Linux: CVE-2024-33600: glibc (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 06/17/2024 Added 06/17/2024 Modified 11/18/2024 Description nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) rocky-upgrade-compat-libpthread-nonshared rocky-upgrade-glibc rocky-upgrade-glibc-all-langpacks rocky-upgrade-glibc-all-langpacks-debuginfo rocky-upgrade-glibc-benchtests rocky-upgrade-glibc-benchtests-debuginfo rocky-upgrade-glibc-common rocky-upgrade-glibc-common-debuginfo rocky-upgrade-glibc-debuginfo rocky-upgrade-glibc-debugsource rocky-upgrade-glibc-devel rocky-upgrade-glibc-gconv-extra rocky-upgrade-glibc-gconv-extra-debuginfo rocky-upgrade-glibc-headers rocky-upgrade-glibc-langpack-aa rocky-upgrade-glibc-langpack-af rocky-upgrade-glibc-langpack-agr rocky-upgrade-glibc-langpack-ak rocky-upgrade-glibc-langpack-am rocky-upgrade-glibc-langpack-an rocky-upgrade-glibc-langpack-anp rocky-upgrade-glibc-langpack-ar rocky-upgrade-glibc-langpack-as rocky-upgrade-glibc-langpack-ast rocky-upgrade-glibc-langpack-ayc rocky-upgrade-glibc-langpack-az rocky-upgrade-glibc-langpack-be rocky-upgrade-glibc-langpack-bem rocky-upgrade-glibc-langpack-ber rocky-upgrade-glibc-langpack-bg rocky-upgrade-glibc-langpack-bhb rocky-upgrade-glibc-langpack-bho rocky-upgrade-glibc-langpack-bi rocky-upgrade-glibc-langpack-bn rocky-upgrade-glibc-langpack-bo rocky-upgrade-glibc-langpack-br rocky-upgrade-glibc-langpack-brx rocky-upgrade-glibc-langpack-bs rocky-upgrade-glibc-langpack-byn rocky-upgrade-glibc-langpack-ca rocky-upgrade-glibc-langpack-ce rocky-upgrade-glibc-langpack-chr rocky-upgrade-glibc-langpack-ckb rocky-upgrade-glibc-langpack-cmn 
rocky-upgrade-glibc-langpack-crh rocky-upgrade-glibc-langpack-cs rocky-upgrade-glibc-langpack-csb rocky-upgrade-glibc-langpack-cv rocky-upgrade-glibc-langpack-cy rocky-upgrade-glibc-langpack-da rocky-upgrade-glibc-langpack-de rocky-upgrade-glibc-langpack-doi rocky-upgrade-glibc-langpack-dsb rocky-upgrade-glibc-langpack-dv rocky-upgrade-glibc-langpack-dz rocky-upgrade-glibc-langpack-el rocky-upgrade-glibc-langpack-en rocky-upgrade-glibc-langpack-eo rocky-upgrade-glibc-langpack-es rocky-upgrade-glibc-langpack-et rocky-upgrade-glibc-langpack-eu rocky-upgrade-glibc-langpack-fa rocky-upgrade-glibc-langpack-ff rocky-upgrade-glibc-langpack-fi rocky-upgrade-glibc-langpack-fil rocky-upgrade-glibc-langpack-fo rocky-upgrade-glibc-langpack-fr rocky-upgrade-glibc-langpack-fur rocky-upgrade-glibc-langpack-fy rocky-upgrade-glibc-langpack-ga rocky-upgrade-glibc-langpack-gd rocky-upgrade-glibc-langpack-gez rocky-upgrade-glibc-langpack-gl rocky-upgrade-glibc-langpack-gu rocky-upgrade-glibc-langpack-gv rocky-upgrade-glibc-langpack-ha rocky-upgrade-glibc-langpack-hak rocky-upgrade-glibc-langpack-he rocky-upgrade-glibc-langpack-hi rocky-upgrade-glibc-langpack-hif rocky-upgrade-glibc-langpack-hne rocky-upgrade-glibc-langpack-hr rocky-upgrade-glibc-langpack-hsb rocky-upgrade-glibc-langpack-ht rocky-upgrade-glibc-langpack-hu rocky-upgrade-glibc-langpack-hy rocky-upgrade-glibc-langpack-ia rocky-upgrade-glibc-langpack-id rocky-upgrade-glibc-langpack-ig rocky-upgrade-glibc-langpack-ik rocky-upgrade-glibc-langpack-is rocky-upgrade-glibc-langpack-it rocky-upgrade-glibc-langpack-iu rocky-upgrade-glibc-langpack-ja rocky-upgrade-glibc-langpack-ka rocky-upgrade-glibc-langpack-kab rocky-upgrade-glibc-langpack-kk rocky-upgrade-glibc-langpack-kl rocky-upgrade-glibc-langpack-km rocky-upgrade-glibc-langpack-kn rocky-upgrade-glibc-langpack-ko rocky-upgrade-glibc-langpack-kok rocky-upgrade-glibc-langpack-ks rocky-upgrade-glibc-langpack-ku rocky-upgrade-glibc-langpack-kw rocky-upgrade-glibc-langpack-ky 
rocky-upgrade-glibc-langpack-lb rocky-upgrade-glibc-langpack-lg rocky-upgrade-glibc-langpack-li rocky-upgrade-glibc-langpack-lij rocky-upgrade-glibc-langpack-ln rocky-upgrade-glibc-langpack-lo rocky-upgrade-glibc-langpack-lt rocky-upgrade-glibc-langpack-lv rocky-upgrade-glibc-langpack-lzh rocky-upgrade-glibc-langpack-mag rocky-upgrade-glibc-langpack-mai rocky-upgrade-glibc-langpack-mfe rocky-upgrade-glibc-langpack-mg rocky-upgrade-glibc-langpack-mhr rocky-upgrade-glibc-langpack-mi rocky-upgrade-glibc-langpack-miq rocky-upgrade-glibc-langpack-mjw rocky-upgrade-glibc-langpack-mk rocky-upgrade-glibc-langpack-ml rocky-upgrade-glibc-langpack-mn rocky-upgrade-glibc-langpack-mni rocky-upgrade-glibc-langpack-mnw rocky-upgrade-glibc-langpack-mr rocky-upgrade-glibc-langpack-ms rocky-upgrade-glibc-langpack-mt rocky-upgrade-glibc-langpack-my rocky-upgrade-glibc-langpack-nan rocky-upgrade-glibc-langpack-nb rocky-upgrade-glibc-langpack-nds rocky-upgrade-glibc-langpack-ne rocky-upgrade-glibc-langpack-nhn rocky-upgrade-glibc-langpack-niu rocky-upgrade-glibc-langpack-nl rocky-upgrade-glibc-langpack-nn rocky-upgrade-glibc-langpack-nr rocky-upgrade-glibc-langpack-nso rocky-upgrade-glibc-langpack-oc rocky-upgrade-glibc-langpack-om rocky-upgrade-glibc-langpack-or rocky-upgrade-glibc-langpack-os rocky-upgrade-glibc-langpack-pa rocky-upgrade-glibc-langpack-pap rocky-upgrade-glibc-langpack-pl rocky-upgrade-glibc-langpack-ps rocky-upgrade-glibc-langpack-pt rocky-upgrade-glibc-langpack-quz rocky-upgrade-glibc-langpack-raj rocky-upgrade-glibc-langpack-ro rocky-upgrade-glibc-langpack-ru rocky-upgrade-glibc-langpack-rw rocky-upgrade-glibc-langpack-sa rocky-upgrade-glibc-langpack-sah rocky-upgrade-glibc-langpack-sat rocky-upgrade-glibc-langpack-sc rocky-upgrade-glibc-langpack-sd rocky-upgrade-glibc-langpack-se rocky-upgrade-glibc-langpack-sgs rocky-upgrade-glibc-langpack-shn rocky-upgrade-glibc-langpack-shs rocky-upgrade-glibc-langpack-si rocky-upgrade-glibc-langpack-sid 
rocky-upgrade-glibc-langpack-sk rocky-upgrade-glibc-langpack-sl rocky-upgrade-glibc-langpack-sm rocky-upgrade-glibc-langpack-so rocky-upgrade-glibc-langpack-sq rocky-upgrade-glibc-langpack-sr rocky-upgrade-glibc-langpack-ss rocky-upgrade-glibc-langpack-st rocky-upgrade-glibc-langpack-sv rocky-upgrade-glibc-langpack-sw rocky-upgrade-glibc-langpack-szl rocky-upgrade-glibc-langpack-ta rocky-upgrade-glibc-langpack-tcy rocky-upgrade-glibc-langpack-te rocky-upgrade-glibc-langpack-tg rocky-upgrade-glibc-langpack-th rocky-upgrade-glibc-langpack-the rocky-upgrade-glibc-langpack-ti rocky-upgrade-glibc-langpack-tig rocky-upgrade-glibc-langpack-tk rocky-upgrade-glibc-langpack-tl rocky-upgrade-glibc-langpack-tn rocky-upgrade-glibc-langpack-to rocky-upgrade-glibc-langpack-tpi rocky-upgrade-glibc-langpack-tr rocky-upgrade-glibc-langpack-ts rocky-upgrade-glibc-langpack-tt rocky-upgrade-glibc-langpack-ug rocky-upgrade-glibc-langpack-uk rocky-upgrade-glibc-langpack-unm rocky-upgrade-glibc-langpack-ur rocky-upgrade-glibc-langpack-uz rocky-upgrade-glibc-langpack-ve rocky-upgrade-glibc-langpack-vi rocky-upgrade-glibc-langpack-wa rocky-upgrade-glibc-langpack-wae rocky-upgrade-glibc-langpack-wal rocky-upgrade-glibc-langpack-wo rocky-upgrade-glibc-langpack-xh rocky-upgrade-glibc-langpack-yi rocky-upgrade-glibc-langpack-yo rocky-upgrade-glibc-langpack-yue rocky-upgrade-glibc-langpack-yuw rocky-upgrade-glibc-langpack-zh rocky-upgrade-glibc-langpack-zu rocky-upgrade-glibc-locale-source rocky-upgrade-glibc-minimal-langpack rocky-upgrade-glibc-nss-devel rocky-upgrade-glibc-static rocky-upgrade-glibc-utils rocky-upgrade-glibc-utils-debuginfo rocky-upgrade-libnsl rocky-upgrade-libnsl-debuginfo rocky-upgrade-nscd rocky-upgrade-nscd-debuginfo rocky-upgrade-nss_db rocky-upgrade-nss_db-debuginfo rocky-upgrade-nss_hesiod rocky-upgrade-nss_hesiod-debuginfo References https://attackerkb.com/topics/cve-2024-33600 CVE - 2024-33600 https://errata.rockylinux.org/RLSA-2024:3339 
https://errata.rockylinux.org/RLSA-2024:3344
  5. SUSE: CVE-2024-34069: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 05/10/2024 Added 05/13/2024 Modified 05/14/2024 Description Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3. Solution(s) suse-upgrade-python-werkzeug suse-upgrade-python-werkzeug-doc suse-upgrade-python3-werkzeug suse-upgrade-python311-werkzeug References https://attackerkb.com/topics/cve-2024-34069 CVE - 2024-34069
  6. Alpine Linux: CVE-2024-34064: Vulnerability in Multiple Components Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 05/06/2024 Created 06/11/2024 Added 06/06/2024 Modified 10/02/2024 Description Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4. Solution(s) alpine-linux-upgrade-py3-jinja2 References https://attackerkb.com/topics/cve-2024-34064 CVE - 2024-34064 https://security.alpinelinux.org/vuln/CVE-2024-34064
  7. DIAEnergie SQL Injection (CVE-2024-4548) Disclosed 05/06/2024 Created 08/21/2024 Description SQL injection vulnerability in DIAEnergie <= v1.10 from Delta Electronics. This vulnerability can be exploited by an unauthenticated remote attacker to gain arbitrary code execution through a SQL injection vulnerability in the CEBC service. The commands will get executed in the context of NT AUTHORITY\SYSTEM. Author(s) Michael Heinzl Tenable Platform Windows Architectures cmd
  8. Red Hat: CVE-2024-33600: glibc: null pointer dereferences after failed netgroup cache insertion (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 05/06/2024 Created 05/10/2024 Added 05/13/2024 Modified 09/03/2024 Description nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) redhat-upgrade-compat-libpthread-nonshared redhat-upgrade-glibc redhat-upgrade-glibc-all-langpacks redhat-upgrade-glibc-all-langpacks-debuginfo redhat-upgrade-glibc-benchtests redhat-upgrade-glibc-benchtests-debuginfo redhat-upgrade-glibc-common redhat-upgrade-glibc-common-debuginfo redhat-upgrade-glibc-debuginfo redhat-upgrade-glibc-debuginfo-common redhat-upgrade-glibc-debugsource redhat-upgrade-glibc-devel redhat-upgrade-glibc-doc redhat-upgrade-glibc-gconv-extra redhat-upgrade-glibc-gconv-extra-debuginfo redhat-upgrade-glibc-headers redhat-upgrade-glibc-langpack-aa redhat-upgrade-glibc-langpack-af redhat-upgrade-glibc-langpack-agr redhat-upgrade-glibc-langpack-ak redhat-upgrade-glibc-langpack-am redhat-upgrade-glibc-langpack-an redhat-upgrade-glibc-langpack-anp redhat-upgrade-glibc-langpack-ar redhat-upgrade-glibc-langpack-as redhat-upgrade-glibc-langpack-ast redhat-upgrade-glibc-langpack-ayc redhat-upgrade-glibc-langpack-az redhat-upgrade-glibc-langpack-be redhat-upgrade-glibc-langpack-bem redhat-upgrade-glibc-langpack-ber redhat-upgrade-glibc-langpack-bg redhat-upgrade-glibc-langpack-bhb redhat-upgrade-glibc-langpack-bho redhat-upgrade-glibc-langpack-bi redhat-upgrade-glibc-langpack-bn redhat-upgrade-glibc-langpack-bo redhat-upgrade-glibc-langpack-br redhat-upgrade-glibc-langpack-brx redhat-upgrade-glibc-langpack-bs redhat-upgrade-glibc-langpack-byn 
redhat-upgrade-glibc-langpack-ca redhat-upgrade-glibc-langpack-ce redhat-upgrade-glibc-langpack-chr redhat-upgrade-glibc-langpack-ckb redhat-upgrade-glibc-langpack-cmn redhat-upgrade-glibc-langpack-crh redhat-upgrade-glibc-langpack-cs redhat-upgrade-glibc-langpack-csb redhat-upgrade-glibc-langpack-cv redhat-upgrade-glibc-langpack-cy redhat-upgrade-glibc-langpack-da redhat-upgrade-glibc-langpack-de redhat-upgrade-glibc-langpack-doi redhat-upgrade-glibc-langpack-dsb redhat-upgrade-glibc-langpack-dv redhat-upgrade-glibc-langpack-dz redhat-upgrade-glibc-langpack-el redhat-upgrade-glibc-langpack-en redhat-upgrade-glibc-langpack-eo redhat-upgrade-glibc-langpack-es redhat-upgrade-glibc-langpack-et redhat-upgrade-glibc-langpack-eu redhat-upgrade-glibc-langpack-fa redhat-upgrade-glibc-langpack-ff redhat-upgrade-glibc-langpack-fi redhat-upgrade-glibc-langpack-fil redhat-upgrade-glibc-langpack-fo redhat-upgrade-glibc-langpack-fr redhat-upgrade-glibc-langpack-fur redhat-upgrade-glibc-langpack-fy redhat-upgrade-glibc-langpack-ga redhat-upgrade-glibc-langpack-gd redhat-upgrade-glibc-langpack-gez redhat-upgrade-glibc-langpack-gl redhat-upgrade-glibc-langpack-gu redhat-upgrade-glibc-langpack-gv redhat-upgrade-glibc-langpack-ha redhat-upgrade-glibc-langpack-hak redhat-upgrade-glibc-langpack-he redhat-upgrade-glibc-langpack-hi redhat-upgrade-glibc-langpack-hif redhat-upgrade-glibc-langpack-hne redhat-upgrade-glibc-langpack-hr redhat-upgrade-glibc-langpack-hsb redhat-upgrade-glibc-langpack-ht redhat-upgrade-glibc-langpack-hu redhat-upgrade-glibc-langpack-hy redhat-upgrade-glibc-langpack-ia redhat-upgrade-glibc-langpack-id redhat-upgrade-glibc-langpack-ig redhat-upgrade-glibc-langpack-ik redhat-upgrade-glibc-langpack-is redhat-upgrade-glibc-langpack-it redhat-upgrade-glibc-langpack-iu redhat-upgrade-glibc-langpack-ja redhat-upgrade-glibc-langpack-ka redhat-upgrade-glibc-langpack-kab redhat-upgrade-glibc-langpack-kk redhat-upgrade-glibc-langpack-kl redhat-upgrade-glibc-langpack-km 
redhat-upgrade-glibc-langpack-kn redhat-upgrade-glibc-langpack-ko redhat-upgrade-glibc-langpack-kok redhat-upgrade-glibc-langpack-ks redhat-upgrade-glibc-langpack-ku redhat-upgrade-glibc-langpack-kw redhat-upgrade-glibc-langpack-ky redhat-upgrade-glibc-langpack-lb redhat-upgrade-glibc-langpack-lg redhat-upgrade-glibc-langpack-li redhat-upgrade-glibc-langpack-lij redhat-upgrade-glibc-langpack-ln redhat-upgrade-glibc-langpack-lo redhat-upgrade-glibc-langpack-lt redhat-upgrade-glibc-langpack-lv redhat-upgrade-glibc-langpack-lzh redhat-upgrade-glibc-langpack-mag redhat-upgrade-glibc-langpack-mai redhat-upgrade-glibc-langpack-mfe redhat-upgrade-glibc-langpack-mg redhat-upgrade-glibc-langpack-mhr redhat-upgrade-glibc-langpack-mi redhat-upgrade-glibc-langpack-miq redhat-upgrade-glibc-langpack-mjw redhat-upgrade-glibc-langpack-mk redhat-upgrade-glibc-langpack-ml redhat-upgrade-glibc-langpack-mn redhat-upgrade-glibc-langpack-mni redhat-upgrade-glibc-langpack-mnw redhat-upgrade-glibc-langpack-mr redhat-upgrade-glibc-langpack-ms redhat-upgrade-glibc-langpack-mt redhat-upgrade-glibc-langpack-my redhat-upgrade-glibc-langpack-nan redhat-upgrade-glibc-langpack-nb redhat-upgrade-glibc-langpack-nds redhat-upgrade-glibc-langpack-ne redhat-upgrade-glibc-langpack-nhn redhat-upgrade-glibc-langpack-niu redhat-upgrade-glibc-langpack-nl redhat-upgrade-glibc-langpack-nn redhat-upgrade-glibc-langpack-nr redhat-upgrade-glibc-langpack-nso redhat-upgrade-glibc-langpack-oc redhat-upgrade-glibc-langpack-om redhat-upgrade-glibc-langpack-or redhat-upgrade-glibc-langpack-os redhat-upgrade-glibc-langpack-pa redhat-upgrade-glibc-langpack-pap redhat-upgrade-glibc-langpack-pl redhat-upgrade-glibc-langpack-ps redhat-upgrade-glibc-langpack-pt redhat-upgrade-glibc-langpack-quz redhat-upgrade-glibc-langpack-raj redhat-upgrade-glibc-langpack-ro redhat-upgrade-glibc-langpack-ru redhat-upgrade-glibc-langpack-rw redhat-upgrade-glibc-langpack-sa redhat-upgrade-glibc-langpack-sah 
redhat-upgrade-glibc-langpack-sat redhat-upgrade-glibc-langpack-sc redhat-upgrade-glibc-langpack-sd redhat-upgrade-glibc-langpack-se redhat-upgrade-glibc-langpack-sgs redhat-upgrade-glibc-langpack-shn redhat-upgrade-glibc-langpack-shs redhat-upgrade-glibc-langpack-si redhat-upgrade-glibc-langpack-sid redhat-upgrade-glibc-langpack-sk redhat-upgrade-glibc-langpack-sl redhat-upgrade-glibc-langpack-sm redhat-upgrade-glibc-langpack-so redhat-upgrade-glibc-langpack-sq redhat-upgrade-glibc-langpack-sr redhat-upgrade-glibc-langpack-ss redhat-upgrade-glibc-langpack-st redhat-upgrade-glibc-langpack-sv redhat-upgrade-glibc-langpack-sw redhat-upgrade-glibc-langpack-szl redhat-upgrade-glibc-langpack-ta redhat-upgrade-glibc-langpack-tcy redhat-upgrade-glibc-langpack-te redhat-upgrade-glibc-langpack-tg redhat-upgrade-glibc-langpack-th redhat-upgrade-glibc-langpack-the redhat-upgrade-glibc-langpack-ti redhat-upgrade-glibc-langpack-tig redhat-upgrade-glibc-langpack-tk redhat-upgrade-glibc-langpack-tl redhat-upgrade-glibc-langpack-tn redhat-upgrade-glibc-langpack-to redhat-upgrade-glibc-langpack-tpi redhat-upgrade-glibc-langpack-tr redhat-upgrade-glibc-langpack-ts redhat-upgrade-glibc-langpack-tt redhat-upgrade-glibc-langpack-ug redhat-upgrade-glibc-langpack-uk redhat-upgrade-glibc-langpack-unm redhat-upgrade-glibc-langpack-ur redhat-upgrade-glibc-langpack-uz redhat-upgrade-glibc-langpack-ve redhat-upgrade-glibc-langpack-vi redhat-upgrade-glibc-langpack-wa redhat-upgrade-glibc-langpack-wae redhat-upgrade-glibc-langpack-wal redhat-upgrade-glibc-langpack-wo redhat-upgrade-glibc-langpack-xh redhat-upgrade-glibc-langpack-yi redhat-upgrade-glibc-langpack-yo redhat-upgrade-glibc-langpack-yue redhat-upgrade-glibc-langpack-yuw redhat-upgrade-glibc-langpack-zh redhat-upgrade-glibc-langpack-zu redhat-upgrade-glibc-locale-source redhat-upgrade-glibc-minimal-langpack redhat-upgrade-glibc-nss-devel redhat-upgrade-glibc-static redhat-upgrade-glibc-utils redhat-upgrade-glibc-utils-debuginfo 
redhat-upgrade-libnsl redhat-upgrade-libnsl-debuginfo redhat-upgrade-nscd redhat-upgrade-nscd-debuginfo redhat-upgrade-nss_db redhat-upgrade-nss_db-debuginfo redhat-upgrade-nss_hesiod redhat-upgrade-nss_hesiod-debuginfo References CVE-2024-33600 RHSA-2024:2799 RHSA-2024:3312 RHSA-2024:3339 RHSA-2024:3344 RHSA-2024:3411 RHSA-2024:3423 RHSA-2024:3588
  9. Red Hat OpenShift: CVE-2024-34069: python-werkzeug: user may execute code on a developer's machine Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 08/31/2024 Added 08/30/2024 Modified 12/11/2024 Description Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3. Solution(s) linuxrpm-upgrade-python-werkzeug linuxrpm-upgrade-rhcos References https://attackerkb.com/topics/cve-2024-34069 CVE - 2024-34069 RHSA-2024:10696 RHSA-2024:5107 RHSA-2024:5439 RHSA-2024:5810 RHSA-2024:6016 RHSA-2024:6406 RHSA-2024:9975 RHSA-2024:9976
  10. Red Hat: CVE-2024-33599: glibc: stack-based buffer overflow in netgroup cache (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:C) Published 05/06/2024 Created 05/10/2024 Added 05/13/2024 Modified 09/03/2024 Description nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) redhat-upgrade-compat-libpthread-nonshared redhat-upgrade-glibc redhat-upgrade-glibc-all-langpacks redhat-upgrade-glibc-all-langpacks-debuginfo redhat-upgrade-glibc-benchtests redhat-upgrade-glibc-benchtests-debuginfo redhat-upgrade-glibc-common redhat-upgrade-glibc-common-debuginfo redhat-upgrade-glibc-debuginfo redhat-upgrade-glibc-debuginfo-common redhat-upgrade-glibc-debugsource redhat-upgrade-glibc-devel redhat-upgrade-glibc-doc redhat-upgrade-glibc-gconv-extra redhat-upgrade-glibc-gconv-extra-debuginfo redhat-upgrade-glibc-headers redhat-upgrade-glibc-langpack-aa redhat-upgrade-glibc-langpack-af redhat-upgrade-glibc-langpack-agr redhat-upgrade-glibc-langpack-ak redhat-upgrade-glibc-langpack-am redhat-upgrade-glibc-langpack-an redhat-upgrade-glibc-langpack-anp redhat-upgrade-glibc-langpack-ar redhat-upgrade-glibc-langpack-as redhat-upgrade-glibc-langpack-ast redhat-upgrade-glibc-langpack-ayc redhat-upgrade-glibc-langpack-az redhat-upgrade-glibc-langpack-be redhat-upgrade-glibc-langpack-bem redhat-upgrade-glibc-langpack-ber redhat-upgrade-glibc-langpack-bg redhat-upgrade-glibc-langpack-bhb redhat-upgrade-glibc-langpack-bho redhat-upgrade-glibc-langpack-bi redhat-upgrade-glibc-langpack-bn redhat-upgrade-glibc-langpack-bo redhat-upgrade-glibc-langpack-br redhat-upgrade-glibc-langpack-brx redhat-upgrade-glibc-langpack-bs redhat-upgrade-glibc-langpack-byn 
redhat-upgrade-glibc-langpack-ca redhat-upgrade-glibc-langpack-ce redhat-upgrade-glibc-langpack-chr redhat-upgrade-glibc-langpack-ckb redhat-upgrade-glibc-langpack-cmn redhat-upgrade-glibc-langpack-crh redhat-upgrade-glibc-langpack-cs redhat-upgrade-glibc-langpack-csb redhat-upgrade-glibc-langpack-cv redhat-upgrade-glibc-langpack-cy redhat-upgrade-glibc-langpack-da redhat-upgrade-glibc-langpack-de redhat-upgrade-glibc-langpack-doi redhat-upgrade-glibc-langpack-dsb redhat-upgrade-glibc-langpack-dv redhat-upgrade-glibc-langpack-dz redhat-upgrade-glibc-langpack-el redhat-upgrade-glibc-langpack-en redhat-upgrade-glibc-langpack-eo redhat-upgrade-glibc-langpack-es redhat-upgrade-glibc-langpack-et redhat-upgrade-glibc-langpack-eu redhat-upgrade-glibc-langpack-fa redhat-upgrade-glibc-langpack-ff redhat-upgrade-glibc-langpack-fi redhat-upgrade-glibc-langpack-fil redhat-upgrade-glibc-langpack-fo redhat-upgrade-glibc-langpack-fr redhat-upgrade-glibc-langpack-fur redhat-upgrade-glibc-langpack-fy redhat-upgrade-glibc-langpack-ga redhat-upgrade-glibc-langpack-gd redhat-upgrade-glibc-langpack-gez redhat-upgrade-glibc-langpack-gl redhat-upgrade-glibc-langpack-gu redhat-upgrade-glibc-langpack-gv redhat-upgrade-glibc-langpack-ha redhat-upgrade-glibc-langpack-hak redhat-upgrade-glibc-langpack-he redhat-upgrade-glibc-langpack-hi redhat-upgrade-glibc-langpack-hif redhat-upgrade-glibc-langpack-hne redhat-upgrade-glibc-langpack-hr redhat-upgrade-glibc-langpack-hsb redhat-upgrade-glibc-langpack-ht redhat-upgrade-glibc-langpack-hu redhat-upgrade-glibc-langpack-hy redhat-upgrade-glibc-langpack-ia redhat-upgrade-glibc-langpack-id redhat-upgrade-glibc-langpack-ig redhat-upgrade-glibc-langpack-ik redhat-upgrade-glibc-langpack-is redhat-upgrade-glibc-langpack-it redhat-upgrade-glibc-langpack-iu redhat-upgrade-glibc-langpack-ja redhat-upgrade-glibc-langpack-ka redhat-upgrade-glibc-langpack-kab redhat-upgrade-glibc-langpack-kk redhat-upgrade-glibc-langpack-kl redhat-upgrade-glibc-langpack-km 
redhat-upgrade-glibc-langpack-kn redhat-upgrade-glibc-langpack-ko redhat-upgrade-glibc-langpack-kok redhat-upgrade-glibc-langpack-ks redhat-upgrade-glibc-langpack-ku redhat-upgrade-glibc-langpack-kw redhat-upgrade-glibc-langpack-ky redhat-upgrade-glibc-langpack-lb redhat-upgrade-glibc-langpack-lg redhat-upgrade-glibc-langpack-li redhat-upgrade-glibc-langpack-lij redhat-upgrade-glibc-langpack-ln redhat-upgrade-glibc-langpack-lo redhat-upgrade-glibc-langpack-lt redhat-upgrade-glibc-langpack-lv redhat-upgrade-glibc-langpack-lzh redhat-upgrade-glibc-langpack-mag redhat-upgrade-glibc-langpack-mai redhat-upgrade-glibc-langpack-mfe redhat-upgrade-glibc-langpack-mg redhat-upgrade-glibc-langpack-mhr redhat-upgrade-glibc-langpack-mi redhat-upgrade-glibc-langpack-miq redhat-upgrade-glibc-langpack-mjw redhat-upgrade-glibc-langpack-mk redhat-upgrade-glibc-langpack-ml redhat-upgrade-glibc-langpack-mn redhat-upgrade-glibc-langpack-mni redhat-upgrade-glibc-langpack-mnw redhat-upgrade-glibc-langpack-mr redhat-upgrade-glibc-langpack-ms redhat-upgrade-glibc-langpack-mt redhat-upgrade-glibc-langpack-my redhat-upgrade-glibc-langpack-nan redhat-upgrade-glibc-langpack-nb redhat-upgrade-glibc-langpack-nds redhat-upgrade-glibc-langpack-ne redhat-upgrade-glibc-langpack-nhn redhat-upgrade-glibc-langpack-niu redhat-upgrade-glibc-langpack-nl redhat-upgrade-glibc-langpack-nn redhat-upgrade-glibc-langpack-nr redhat-upgrade-glibc-langpack-nso redhat-upgrade-glibc-langpack-oc redhat-upgrade-glibc-langpack-om redhat-upgrade-glibc-langpack-or redhat-upgrade-glibc-langpack-os redhat-upgrade-glibc-langpack-pa redhat-upgrade-glibc-langpack-pap redhat-upgrade-glibc-langpack-pl redhat-upgrade-glibc-langpack-ps redhat-upgrade-glibc-langpack-pt redhat-upgrade-glibc-langpack-quz redhat-upgrade-glibc-langpack-raj redhat-upgrade-glibc-langpack-ro redhat-upgrade-glibc-langpack-ru redhat-upgrade-glibc-langpack-rw redhat-upgrade-glibc-langpack-sa redhat-upgrade-glibc-langpack-sah 
redhat-upgrade-glibc-langpack-sat redhat-upgrade-glibc-langpack-sc redhat-upgrade-glibc-langpack-sd redhat-upgrade-glibc-langpack-se redhat-upgrade-glibc-langpack-sgs redhat-upgrade-glibc-langpack-shn redhat-upgrade-glibc-langpack-shs redhat-upgrade-glibc-langpack-si redhat-upgrade-glibc-langpack-sid redhat-upgrade-glibc-langpack-sk redhat-upgrade-glibc-langpack-sl redhat-upgrade-glibc-langpack-sm redhat-upgrade-glibc-langpack-so redhat-upgrade-glibc-langpack-sq redhat-upgrade-glibc-langpack-sr redhat-upgrade-glibc-langpack-ss redhat-upgrade-glibc-langpack-st redhat-upgrade-glibc-langpack-sv redhat-upgrade-glibc-langpack-sw redhat-upgrade-glibc-langpack-szl redhat-upgrade-glibc-langpack-ta redhat-upgrade-glibc-langpack-tcy redhat-upgrade-glibc-langpack-te redhat-upgrade-glibc-langpack-tg redhat-upgrade-glibc-langpack-th redhat-upgrade-glibc-langpack-the redhat-upgrade-glibc-langpack-ti redhat-upgrade-glibc-langpack-tig redhat-upgrade-glibc-langpack-tk redhat-upgrade-glibc-langpack-tl redhat-upgrade-glibc-langpack-tn redhat-upgrade-glibc-langpack-to redhat-upgrade-glibc-langpack-tpi redhat-upgrade-glibc-langpack-tr redhat-upgrade-glibc-langpack-ts redhat-upgrade-glibc-langpack-tt redhat-upgrade-glibc-langpack-ug redhat-upgrade-glibc-langpack-uk redhat-upgrade-glibc-langpack-unm redhat-upgrade-glibc-langpack-ur redhat-upgrade-glibc-langpack-uz redhat-upgrade-glibc-langpack-ve redhat-upgrade-glibc-langpack-vi redhat-upgrade-glibc-langpack-wa redhat-upgrade-glibc-langpack-wae redhat-upgrade-glibc-langpack-wal redhat-upgrade-glibc-langpack-wo redhat-upgrade-glibc-langpack-xh redhat-upgrade-glibc-langpack-yi redhat-upgrade-glibc-langpack-yo redhat-upgrade-glibc-langpack-yue redhat-upgrade-glibc-langpack-yuw redhat-upgrade-glibc-langpack-zh redhat-upgrade-glibc-langpack-zu redhat-upgrade-glibc-locale-source redhat-upgrade-glibc-minimal-langpack redhat-upgrade-glibc-nss-devel redhat-upgrade-glibc-static redhat-upgrade-glibc-utils redhat-upgrade-glibc-utils-debuginfo 
redhat-upgrade-libnsl redhat-upgrade-libnsl-debuginfo redhat-upgrade-nscd redhat-upgrade-nscd-debuginfo redhat-upgrade-nss_db redhat-upgrade-nss_db-debuginfo redhat-upgrade-nss_hesiod redhat-upgrade-nss_hesiod-debuginfo References CVE-2024-33599 RHSA-2024:2799 RHSA-2024:3312 RHSA-2024:3339 RHSA-2024:3344 RHSA-2024:3411 RHSA-2024:3423 RHSA-2024:3588
  11. Huawei EulerOS: CVE-2024-34064: python-jinja2 security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 07/16/2024 Added 07/16/2024 Modified 12/12/2024 Description Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4. Solution(s) huawei-euleros-2_0_sp10-upgrade-python3-jinja2 References https://attackerkb.com/topics/cve-2024-34064 CVE - 2024-34064 EulerOS-SA-2024-1919
  12. Huawei EulerOS: CVE-2024-33602: glibc security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 07/16/2024 Added 07/16/2024 Modified 12/12/2024 Description nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) huawei-euleros-2_0_sp10-upgrade-glibc huawei-euleros-2_0_sp10-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp10-upgrade-glibc-common huawei-euleros-2_0_sp10-upgrade-glibc-locale-source huawei-euleros-2_0_sp10-upgrade-libnsl huawei-euleros-2_0_sp10-upgrade-nscd References https://attackerkb.com/topics/cve-2024-33602 CVE - 2024-33602 EulerOS-SA-2024-1907
  13. Debian: CVE-2024-34069: python-werkzeug -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3. Solution(s) debian-upgrade-python-werkzeug References https://attackerkb.com/topics/cve-2024-34069 CVE - 2024-34069
  14. Debian: CVE-2024-34078: python-html-sanitizer -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 09/06/2024 Added 09/05/2024 Modified 09/05/2024 Description html-sanitizer is an allowlist-based HTML cleaner. If using `keep_typographic_whitespace=False` (which is the default), the sanitizer normalizes unicode to the NFKC form at the end. Some unicode characters normalize to chevrons; this allows specially crafted HTML to escape sanitization. The problem has been fixed in 2.4.2. Solution(s) debian-upgrade-python-html-sanitizer References https://attackerkb.com/topics/cve-2024-34078 CVE - 2024-34078 DLA-3856-1
  15. Debian: CVE-2024-27281: ruby2.7, ruby3.1 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 05/06/2024 Added 05/06/2024 Modified 09/05/2024 Description An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. (When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.) The main fixed version is 6.6.3.1. For Ruby 3.0 users, a fixed version is rdoc 6.3.4.1. For Ruby 3.1 users, a fixed version is rdoc 6.4.1.1. For Ruby 3.2 users, a fixed version is rdoc 6.5.1.1. Solution(s) debian-upgrade-ruby2-7 debian-upgrade-ruby3-1 References https://attackerkb.com/topics/cve-2024-27281 CVE - 2024-27281 DSA-5677-1
  16. Debian: CVE-2024-33600: glibc -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 05/06/2024 Added 05/06/2024 Modified 05/08/2024 Description nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) debian-upgrade-glibc References https://attackerkb.com/topics/cve-2024-33600 CVE - 2024-33600 DSA-5678-1
  17. Debian: CVE-2024-27280: ruby2.7, ruby3.1 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 05/06/2024 Added 05/06/2024 Modified 09/05/2024 Description A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2. Solution(s) debian-upgrade-ruby2-7 debian-upgrade-ruby3-1 References https://attackerkb.com/topics/cve-2024-27280 CVE - 2024-27280 DSA-5677-1
  18. Debian: CVE-2024-33601: glibc -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 05/06/2024 Added 05/06/2024 Modified 05/08/2024 Description nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) debian-upgrade-glibc References https://attackerkb.com/topics/cve-2024-33601 CVE - 2024-33601 DSA-5678-1
  19. Debian: CVE-2024-33599: glibc -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 05/06/2024 Added 05/06/2024 Modified 05/08/2024 Description nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) debian-upgrade-glibc References https://attackerkb.com/topics/cve-2024-33599 CVE - 2024-33599 DSA-5678-1
  20. Debian: CVE-2024-27282: ruby2.7, ruby3.1 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 05/06/2024 Added 05/06/2024 Modified 09/05/2024 Description An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1. Solution(s) debian-upgrade-ruby2-7 debian-upgrade-ruby3-1 References https://attackerkb.com/topics/cve-2024-27282 CVE - 2024-27282 DSA-5677-1
  21. Debian: CVE-2024-34064: jinja2 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 12/17/2024 Added 12/16/2024 Modified 12/16/2024 Description Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4. Solution(s) debian-upgrade-jinja2 References https://attackerkb.com/topics/cve-2024-34064 CVE - 2024-34064 DLA-3988-1
  22. Ubuntu: USN-6804-1 (CVE-2024-33601): GNU C Library vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 06/07/2024 Added 06/06/2024 Modified 11/15/2024 Description nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) ubuntu-pro-upgrade-nscd References https://attackerkb.com/topics/cve-2024-33601 CVE - 2024-33601 USN-6804-1
  23. Huawei EulerOS: CVE-2024-33599: glibc security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/06/2024 Created 07/16/2024 Added 07/16/2024 Modified 12/12/2024 Description nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. Solution(s) huawei-euleros-2_0_sp10-upgrade-glibc huawei-euleros-2_0_sp10-upgrade-glibc-all-langpacks huawei-euleros-2_0_sp10-upgrade-glibc-common huawei-euleros-2_0_sp10-upgrade-glibc-locale-source huawei-euleros-2_0_sp10-upgrade-libnsl huawei-euleros-2_0_sp10-upgrade-nscd References https://attackerkb.com/topics/cve-2024-33599 CVE - 2024-33599 EulerOS-SA-2024-1907
  24. Ubuntu: USN-7010-1 (CVE-2024-34508): DCMTK vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/05/2024 Created 09/18/2024 Added 09/18/2024 Modified 11/15/2024 Description dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. Solution(s) ubuntu-pro-upgrade-dcmtk ubuntu-pro-upgrade-libdcmtk12 ubuntu-pro-upgrade-libdcmtk14 ubuntu-pro-upgrade-libdcmtk16 ubuntu-pro-upgrade-libdcmtk17t64 ubuntu-pro-upgrade-libdcmtk5 References https://attackerkb.com/topics/cve-2024-34508 CVE - 2024-34508 USN-7010-1
  25. Debian: CVE-2024-34508: dcmtk -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/05/2024 Created 02/04/2025 Added 02/03/2025 Modified 02/03/2025 Description dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. Solution(s) debian-upgrade-dcmtk References https://attackerkb.com/topics/cve-2024-34508 CVE - 2024-34508 DLA-3847-1