ELSA-2024-7136

Опубликовано: 25 сент. 2024

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2024-7136: git-lfs security update (IMPORTANT)

[3.4.1-4]

Rebuild with new Golang
Resolves: RHEL-57920

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

git-lfs

3.4.1-4.el9_4

Oracle Linux x86_64

git-lfs

3.4.1-4.el9_4

Связанные CVE

CVE-2024-34156

Ссылки на источники

Связанные уязвимости

CVE-2024-34156

CVSS3: 7.5

ubuntu

около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

CVE-2024-34156

CVSS3: 7.5

redhat

около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

CVE-2024-34156

CVSS3: 7.5

nvd

около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

CVE-2024-34156

msrc

около 2 месяцев назад

Stack exhaustion in Decoder.Decode in encoding/gob

CVE-2024-34156

CVSS3: 7.5

debian

около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested struc ...