Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016617 advisory. When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even f...

SUSE CVE-2021-36373

When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected...

AZL-25954 CVE-2021-36374 affecting package javapackages-bootstrap for versions less than 1.5.0-6

When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives...

Apache Airflow Unauthorized Access Vulnerability

Apache Airflow is the United States Apache Apache Software Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An unauthorized access vulnerability exists in Apache Airflow versions pri...

PT-2018-2495 · Kubernetes +2 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes versions prior to 1.10.11 Kubernetes versions prior to 1.11.5 Kubernetes versions prior to 1.12.3 Description: The issue is related to incorrect handling of error responses to proxied upgrade requests in the kube-apiserver, allowin...

wireshark: AMQP dissector crash (wnpa-sec-2014-21)

Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service application crash via a crafted amqp010 PDU in a packet...

wireshark: NCP dissector crashes (wnpa-sec-2014-22)

The buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...