148 matches found
CVE-2023-5363 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2023-5363 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-5678 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2023-5678 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2018-25032 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2018-25032 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-0727 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2024-0727 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-6129 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2023-6129 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-45853 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2023-45853 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: blosc / boost / cloud-hypervisor / cloud-hypervisor-cvm / keras / nmap / rust (CVE-2023-45853)
The version of blosc / boost / cloud-hypervisor / cloud-hypervisor-cvm / keras / nmap / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45853 advisory. - MiniZip in zlib through 1.3 has an...
CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0215)
The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0215 advisory. - The public API function BIOnewNDEF is a helper function used for...
CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl (CVE-2022-4304)
The version of cloud-hypervisor / edk2 / hvloader / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4304 advisory. - A timing based side channel exists in the OpenSSL RSA Decryption...
CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2022-4450)
The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4450 advisory. - The function PEMreadbioex reads a PEM file from a BIO and parses...
CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0286)
The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0286 advisory. - There is a type confusion vulnerability relating to X.400 addres...
AZL-42988 CVE-2024-5535 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-3
Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or ...
AZL-42766 CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
AZL-42694 CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
AZL-42688 CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...
AZL-42727 CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...
AZL-42765 CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
AZL-42700 CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. A patched version of the package is available...