Bug#1103801: CVE-2024-40446: code injection vulnerability

Hello Hilmar, Yes, version 1.74 is not affected because I think the vulnerable feature was added in 1.76. (or 1.75, I can’t find the source code of 1.75 so I can’t make sure of it) There is a comment [1] that stated that he contacted the author John, and he said version 1.75 in the source code

Bug#1103801: Additional public reference

Apr 27, 2025, at 23:44, Hilmar Preusse wrote: > > On 21.04.25 Shang-Hung, Wan (a24230...@gmail.com) wrote: > > Hello, > >> Although I’ve already requested publication from MITRE, the process >> may take some time. >> >> In the meantime, here is