EUVD-2024-22946

Malicious code in bioql PyPI...

CVE-2024-25626

Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...

Input validation

Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...

CVE-2024-25626

The CVE-2024-25626 issue affects Yocto Project’s BitBake/Toaster: when the Toaster web interface is running, there is missing input validation in the Toaster server that can allow remote code execution via a crafted HTTP request. Authentication is not required, and the Toaster server is not part ...

PT-2024-21046 · Unknown +1 · Yocto Project +1

Name of the Vulnerable Software and Affected Versions: Yocto Project versions prior to 5.0 Yocto Project versions 3.1.x through 3.1.30 Yocto Project versions 4.0.x through 4.0.15 Yocto Project versions 4.3.x through 4.3.1 Bitbake versions prior to 2.6.2 Description: The issue is related to missin...