20 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-4235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be...
TencentOS Server 3: ostree (TSSA-2023:0103)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0103 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-27
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-27. This CVE either no longer is or was never applicable...
USN-6287-1: Go yaml vulnerabilities
Simon Ferquel discovered that the Go yaml package incorrectly handled certain YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service...
Debian: Security Advisory (DLA-3479-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3479-1] golang-yaml.v2 security update
Debian LTS Advisory DLA-3479-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez July 05, 2023 https://wiki.debian.org/LTS Package : golang-yaml.v2 Version : 2.2.2-1+deb10u1 CVE ID : CVE-2021-4235 CVE-2022-3064 Two denial of service vulnerabilities have been...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.22 bug fix and security update
Red Hat OpenShift Container Platform release 4.12.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update
Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.2 security update
Red Hat OpenShift Container Platform release 4.12.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.2 security update
Red Hat OpenShift Container Platform release 4.12.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.0 packages and security update
Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
AZL-44229 CVE-2021-4235 affecting package delve 1.5.0-16
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235 vulnerabilities
Vulnerabilities for packages: dex-k8s-authenticator, k3d...
CVE-2021-4235 vulnerabilities
Vulnerabilities for packages: k3d...
CVE-2021-4235
CVE-2021-4235 describes a denial-of-service risk from unbounded alias chasing in YAML parsing. In connected documents, two Mariner advisories link this CVE to the Go-YAML-based YAML processing used by container tools and specify practical fixes. The Mariner entries note that affected packages are...
CVE-2021-4235 Denial of service in gopkg.in/yaml.v2
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235 Denial of service in gopkg.in/yaml.v2
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235 affecting package etcd 3.5.1-6
CVE-2021-4235 affecting package etcd 3.5.1-6. An upgraded version of the package is available that resolves this issue...