Note: This list may be incomplete. Data is provided without warranty in its original format.
9.8
CVE-2023-28424
- EPSS 0.61%
- Published 20.03.2023 13:15:11
- Last modified 11.04.2025 14:50:48
Soko is the code that powers packages.gentoo.org. Prior to version 1.0.2, the two package search handlers, `Search` and `SearchFeed`, implemented in `pkg/app/handler/packages/search.go`, are affected by a SQL injection via the `q` parameter. As a res...
9.1
CVE-2023-26033
- EPSS 0.2%
- Published 25.02.2023 00:15:11
- Last modified 21.11.2024 07:50:37
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the v...