3 matches found
UBUNTU-CVE-2024-56406
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the tr operator, Sdotransinvmap can overflow the destination...
UBUNTU-CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
jenkins-script-security-plugin: handling of property names in property expressions on the left-hand side of assignment expression leads to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...