Voici la liste des derniers avis du CERT-Renater en 2025 :


17 Jan 2025VULN014Git : Vulnerabilities fixed in gitSystems running git versions prior to 2.48.1, 2.47.1, 2.46.3, 2.45.3, 2.44.3, 2.43.6, 2.42.4, 2.41.3, 2.40.4.
17 Jan 2025VULN013Joomla! : Multiple vulnerabilities fixed in Joomla! CMSSystems running Joomla! CMS versions prior to 3.10.20-elts, 4.4.10, 5.2.3.
17 Jan 2025VULN012GitLab : GitLab Patch Release 17.7.1, 17.6.3, 17.5.5Systems running GitLab versions prior to 17.7.1, 17.6.3, 17.5.5.
17 Jan 2025VULN011Google Chrome : Chrome 132.0.6834.83/84 fix multiple security vulnerabilitiesSystems running Google Chrome versions prior to 132.0.6834.83/84.
17 Jan 2025VULN010TYPO3 : Multiple security vulnerabilities fixed in TYPO3Systems running TYPO3 versions prior to 9.5.49 ELTS, 10.4.48 ELTS, 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS.
17 Jan 2025VULN009SPIP : Mise =?UTF-8?Q?=C3=A0?= jour de =?UTF-8?Q?s=C3=A9curit=C3=A9?= sortie de SPIP 4.3.6, SPIP 4.2.17, SPIP 4.1.20Systems running SPIP versions prior to 4.3.6, 4.2.17, 4.1.20.
17 Jan 2025VULN008Kubernetes : CVE-2024-9042 Command Injection affecting Windows nodes via nodes/*/logs/query APISystems running Kubelet versions prior to 1.32.1, 1.31.5, 1.30.9, 1.29.13.
16 Jan 2025VULN007git-lfs : Git LFS permits retrieval of credentials via crafted HTTP URLsSystems running git-lfs versions prior to 3.6.1.
16 Jan 2025VULN006Rancher : Stored XSS in Rancher UISystems running Rancher versions prior to 2.9.4, 2.10.0.
16 Jan 2025VULN005Apache : CVE-2024-54676: Apache OpenMeetings Deserialisation of untrusted data in cluster modeSystems running Apache OpenMeetings versions prior to 8.0.0.
16 Jan 2025VULN004Go-git: Vulnerabilities fixed in go-gitSystems running go-git versions prior to 5.13.
16 Jan 2025VULN003Next.js : Denial of Service (DoS) with Server ActionsSystems running Next.js versions prior to 15.1.2, 14.2.21, 13.5.8.
16 Jan 2025VULN001Django : Django security releases issued: 5.1.5, 5.0.11, and 4.2.18Systems running Django versions prior to 5.1.5, 5.0.11, 4.2.18.




      
Conception & développement : DirNum - Dernière mise à jour : 17/01/2025