7766 matches found
AZL-44865 CVE-2021-41190 affecting package buildah for versions less than 1.41.4-2
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...
CVE-2021-41190
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...
Design/Logic Flaw
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...
UBUNTU-CVE-2021-41190
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...
CVE-2021-33073
CVE-2021-33073 affects Intel’s Distribution of OpenVINO Toolkit prior to version 2021.4. The Red Hat and Intel advisory entries confirm an Uncontrolled resource consumption flaw that may allow an unauthenticated user to cause denial of service via local access. Affected product scope is the Intel...
CVE-2021-33073
Uncontrolled resource consumption in the Intel(R) Distribution of OpenVINO™ Toolkit before version 2021.4 may allow an unauthenticated user to potentially enable denial of service via local access...
CVE-2021-41190 Clarify Content-Type handling in OCI spec
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...
CVE-2021-41190
CVE-2021-41190 affects Buildah (and related OCI tooling) with versions less than 1.41.4-2. Root cause: OCI Distribution Specification prior to 1.0.1 allowed ambiguity when documents contain both manifests and layers or config without a consistent Content-Type header; the mediaType in manifests/in...
CVE-2021-41190
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...
Distribute Reports to Email Addresses in InsightVM
Rapid7 is investing heavily in the reporting and dashboard capabilities of InsightVM. In 2021 alone, we launched the ability to filter dashboards via single query, a new report creation wizard powered by our query builder, several use-case-driven dashboard templates, and most recently, the abilit...
Oci Distribution-Spec Code Issue Vulnerability
Oci Distribution-Spec is an Oci distribution specification. A code issue vulnerability exists in Oci Distribution-Spec that stems from the product's use of the Content-Type header to determine the document type, among other actions. An attacker could use this vulnerability to cause text content t...
PT-2021-7848 · Unknown +7 · Oci Distribution Specification +7
Name of the Vulnerable Software and Affected Versions: OCI Distribution Specification versions 1.0.0 and prior. Description: The issue concerns the OCI Distribution Specification, which defines an API protocol for content distribution. In versions 1.0.0 and prior, the Content-Type header alone was...
EulerOS Virtualization 2.9.0 : krb5 (EulerOS-SA-2021-2777)
According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2...
Apache Traffic Control LDAP filter injection vulnerability
Apache Traffic Control is a distributed and scalable content distribution solution from the Apache Foundation. An LDAP injection vulnerability exists in Apache Traffic Control, which stems from the fact that a user can send a request with a crafted username to any API version of the POST/login...
CISA Releases Advisory on Vulnerabilities in Multiple Data Distribution Service Implementations
CISA has released an Industrial Control Systems Advisory (ICSA) related to a public report detailing vulnerabilities found in multiple open-source and proprietary Object Management Group (OMG) Data-Distribution Service (DDS) implementations. Successful exploitation of these vulnerabilities could result...
Siemens Product WIBU Systems CodeMeter Runtime Denial of Service Vulnerability
PSS®CAPE is a transmission and distribution network protection simulation software. PSS®E is a power system simulation and analysis tool for transmission operation and planning. PSS®ODMS is a transmission network modeling and analysis tool. SICAM 230 is a scalable process control system for a...
TributeAccrual.availableTribute() & TributeAccrual.availableGovernanceTribute() Distributes Tributes Unfairly
Handle: leastwood. Vulnerability details. Impact: Conviction scores are calculated by taking the user's balance and multiplying it by the time elapsed. This score is updated upon each token transfer, or alternatively by directly calling ERC20ConvictionScore.updateConvictionScore. The availableTribut...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-2664)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP9 : krb5 (EulerOS-SA-2021-2714)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote...
EulerOS 2.0 SP9 : krb5 (EulerOS-SA-2021-2689)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote...