139 matches found
PT-2023-25039 · Unknown · Jerryscript
Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 05dbbd1 Description: An Assertion Failure was discovered in Jerryscript via the ecma property hashmap create function at jerry-core/ecma/base/ecma-property-hashmap.c. Recommendations: For Jerryscript version 3.0...
PT-2023-35768 · Git +1 · Systemd
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash occurred due to an unknown read issue. The crash state involves hashmap free and journal remote server destroy functions in the...
Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
UNSUPPORTED WHEN ASSIGNED: When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (i.e., deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed...
Code injection
UNSUPPORTED WHEN ASSIGNED: When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (i.e., deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed...
CVE-2023-26464
UNSUPPORTED WHEN ASSIGNED: When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (i.e., deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed...
In the Linux kernel before 5.16 tools/perf/util/expr.c lacks a check for the hashmap__new return value.
...
SUSE CVE-2023-23003
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value...
AZL-25351 CVE-2023-23003 affecting package kernel for versions less than 5.15.118.1-2
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value...
DEBIAN-CVE-2023-23003
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value...
UBUNTU-CVE-2023-23003
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value...
CVE-2023-23003
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value...
Debian DSA-5315-1 : libxstream-java - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5315 advisory. XStream serializes Java objects to XML and back again. Versions prior to 1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with a stack overflow...
CVE-2022-41966
XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for...
Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
RHEL 8 : java-1.8.0-ibm (RHSA-2022:5837)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5837 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
RHEL 7 : java-1.8.0-ibm (RHSA-2022:4959)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4959 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...