CVE-2024-36814 Affecting govulncheck-vulndb package, versions <0.0.20241030T212825-150000.1.9.1
Threat Intelligence
EPSS
0.05% (17th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-SLES155-GOVULNCHECKVULNDB-8344173
- published 6 Nov 2024
- disclosed 5 Nov 2024
How to fix?
Upgrade SLES:15.5 govulncheck-vulndb to version 0.0.20241030T212825-150000.1.9.1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream govulncheck-vulndb package and not the govulncheck-vulndb package as distributed by SLES.
See How to fix? for SLES:15.5 relevant fixed versions and status.
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory.
References
- https://www.suse.com/security/cve/CVE-2024-36814.html
- https://github.com/AdguardTeam/AdGuardHome/
- https://github.com/AdguardTeam/AdGuardHome/blob/7c002e1a99b9b4e4a40e8c66851eda33e666d52d/internal/filtering/http.go#L23C1-L51C2
- https://github.com/itz-d0dgy/
- https://happy-little-accidents.pages.dev/posts/CVE-2024-36814/