8 matches found
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the Linux kernel before version 6.3.4. ksmbd has a buffer overflow vulnerability in the smb2findcontextvals function, when the namelen of createcontext is larger than the length of the tag...
GHSA-V3VC-6QCV-4VRX Apache NiFi: Potential Insertion of Sensitive Parameter Values in Debug Log
Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. An authorized administrator with access to change logging levels could enable debug logging for framework flow synchronization, causi...
PT-2024-35118 · Apache · Apache Nifi
Name of the Vulnerable Software and Affected Versions: Apache NiFi versions 1.16.0 through 1.28.0 Apache NiFi versions 2.0.0-M1 through 2.0.0-M4 Description: The issue concerns the optional debug logging of Parameter Context values during the flow synchronization process in Apache NiFi. An...
Spring GraphQL Security Vulnerability
Spring Framework is the U.S. Spring team of a set of open source Java, JavaEE application framework. The framework helps developers build high-quality applications. A security vulnerability exists in Spring GraphQL versions 1.1.0 through 1.1.5 and 1.2.0 through 1.2.2, which stems from the...
The vulnerability of the smb2_find_context_vals() function in the fs/ksmbd/oplock.c file of the KSMBD file system in the Linux operating system allows a attacker to gain access to protected information or cause service failures.
The vulnerability of the KSMBD file system in Linux operating systems relates to reading data beyond the allocated buffer. Exploiting this vulnerability can allow an attacker to gain access to protected information or cause service failures...
SUSE CVE-2023-38426
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2findcontextvals when createcontext's namelen is larger than the tag length...
DEBIAN-CVE-2023-38426
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2findcontextvals when createcontext's namelen is larger than the tag length...
PT-2023-3673 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.3.4 Description: An issue was discovered in the Linux kernel where ksmbd has an out-of-bounds read in smb2 find context vals when create context's name len is larger than the tag length. This issue may allow a...