14 matches found
EUVD-2016-10573
Malware in sbrugna...
CVE-2025-2888
During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail, preventing the next update until the cache is cleared. Users should upgrade to tough version 0.20...
Improper Cache Management
github.com/MicahParks/jwkset is vulnerable to Improper Cache Management. The vulnerability is due to the provided HTTP client's local JWK Set cache failing to perform a full replacement during refresh operations. This allows outdated or revoked keys to remain in the cache, posing a security risk...
GHSA-675F-RQ2R-JW82 JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh
Impact The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key...
USN-6152-1 linux-gke regression
It was discovered that NFS client's access cache implementation in the Linux kernel caused a severe NFS performance degradation in certain conditions. This updated makes the NFS file-access stale cache behavior to be optional...
PT-2023-36312 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A severe performance degradation issue was discovered in the Linux kernel's NFS client access cache implementation under certain conditions. The issue affects the NFS file-access stale...
SUSE CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
DEBIAN-CVE-2016-9772
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...
MGASA-2017-0037 Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
ejb-client: Session fixation due improper connection caching
Red Hat JBoss Enterprise Application Platform EAP 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client...
CentOS Update for nfs-utils CESA-2009:1321 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 5 : nfs-utils (CESA-2009:1321)
An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that...
RHEL 5 : nfs-utils (RHSA-2009:1321)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2009:1321 advisory. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that nfs-utils did not use tcpwrappers...