Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump CLI #198

Merged
merged 1 commit into from
Jan 24, 2025
Merged

Bump CLI #198

merged 1 commit into from
Jan 24, 2025

Conversation

baksetercx
Copy link
Member

No description provided.

@baksetercx baksetercx self-assigned this Jan 24, 2025
@github-actions GitHub Actions
Copy link
Contributor

⚠️ Vulnerabilities detected in ghcr.io/3lvia/core/vulnerable-service:latest-cache ⚠️

Found in: ghcr.io/3lvia/core/vulnerable-service:latest-cache (debian 10.13)

glibc: stack-based buffer overflow in netgroup cache – HIGH

ID: CVE-2024-33599

Package Name: libc-bin

Installed Version: 2.28-10+deb10u3

nscd: Stack-based buffer overflow in netgroup cache

If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

References:

glibc: stack-based buffer overflow in netgroup cache – HIGH

ID: CVE-2024-33599

Package Name: libc6

Installed Version: 2.28-10+deb10u3

nscd: Stack-based buffer overflow in netgroup cache

If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

References:

@baksetercx baksetercx merged commit e9b0d07 into trunk Jan 24, 2025
34 of 41 checks passed
@baksetercx baksetercx deleted the chore/bump-cli branch January 24, 2025 16:22
baksetercx added a commit that referenced this pull request Jan 24, 2025
@baksetercx
Revert "Bump CLI (#198)"
7bb78bf 
This reverts commit e9b0d07.
@baksetercx baksetercx mentioned this pull request Jan 24, 2025
Merged
baksetercx added a commit that referenced this pull request Jan 24, 2025
@baksetercx
Revert "Bump CLI (#198)" (#199)
fc93a78 
This reverts commit e9b0d07.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@baksetercx baksetercx

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@baksetercx