Lucene search

65 matches found

OSV
added 2022/07/15 9:46 p.m., 16 views

GHSA-WC5V-R48V-G4VH Cilium host policy bypass in endpoint-routes mode with dual-stack

Impact: This vulnerability allows bypassing host policies for IPv6 traffic coming from a Cilium-managed pod and destined to the host-network namespace (e.g., to a host-network pod). Host policy enforcement on IPv4 or for traffic coming from outside the node is not affected. Cilium is only affected b...

CVSS 3.3, AI score 7
Exploits 0, References 3
ATTACKERKB
added 2022/01/12 5:0 p.m., 4 views

CVE-2022-22160

An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group...

CVSS 6.5, AI score 6.6, EPSS 0.00362
Exploits 0, References 2, Affected Software 1
OSV
added 2021/12/30 3:2 p.m., 10 views

OPENSUSE-SU-2021:1642-1 Security update for postrsd

postrsd was updated to release 1.11 boo1180251: Drop group privileges as well as user privileges Fixed: The subprocess that talks to Postfix could be caused to hang with a very long email address. CVE-2020-35573 - Update to release 1.6 Fix endianness issue with SHA-1 implementation Add dual stack...

CVSS 7.5, AI score 7.5, EPSS 0.02657
Exploits 0, References 3
OPENSUSE Linux
added 2021/12/30 12:0 a.m., 33 views

Security update for postrsd (moderate)

openSUSE Security Update: Security update for postrsd Announcement ID: openSUSE-SU-2021:1642-1 Rating: moderate References: 1180251 Cross-References: CVE-2020-35573 CVSS scores: CVE-2020-35573 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 ...

CVSS 7.5, AI score 7.5, EPSS 0.02657
Exploits 0, References 1
Tenable Nessus
added 2021/05/18 12:0 a.m., 14 views

openSUSE Security Update : postsrsd (openSUSE-2021-646)

This update for postsrsd fixes the following issues : Update to release 1.11 boo1180251 - Drop group privileges as well as user privileges - Fixed: The subprocess that talks to Postfix could be caused to hang with a very long email address. CVE-2020-35573 Update to release 1.6 - Fix endianness...

CVSS 7.5, AI score 7.2, EPSS 0.02657
Exploits 0, References 2
OPENSUSE Linux
added 2021/05/05 12:0 a.m., 28 views

Security update for postsrsd (moderate)

openSUSE Security Update: Security update for postsrsd Announcement ID: openSUSE-SU-2021:0669-1 Rating: moderate References: 1180251 Cross-References: CVE-2020-35573 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update...

CVSS 7.5, AI score 7.4, EPSS 0.02657
Exploits 0, References 1
OSV
added 2021/05/01 2:5 p.m., 6 views

OPENSUSE-SU-2021:0646-1 Security update for postsrsd

This update for postsrsd fixes the following issues: Update to release 1.11 boo1180251 Drop group privileges as well as user privileges Fixed: The subprocess that talks to Postfix could be caused to hang with a very long email address. CVE-2020-35573 Update to release 1.6 Fix endianness issue wit...

CVSS 7.5, AI score 7.4, EPSS 0.02657
Exploits 0, References 3
OPENSUSE Linux
added 2021/05/01 12:0 a.m., 23 views

Security update for postsrsd (moderate)

openSUSE Security Update: Security update for postsrsd Announcement ID: openSUSE-SU-2021:0646-1 Rating: moderate References: 1180251 Cross-References: CVE-2020-35573 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for postsrs...

CVSS 7.5, AI score 7.4, EPSS 0.02657
Exploits 0, References 1
Veracode
added 2021/04/13 3:33 p.m., 27 views

Open Redirect

matrix-synapse is vulnerable to open redirect. The requests to the user provided domains are allowed to external IP addresses while using transitional IPv6 addresses, affecting outbound requests to federation, identity servers, when calculating the key validity for third-party invite events,...

CVSS 6.3, AI score 2.8, EPSS 0.00894
Exploits 0, References 8, Affected Software 2
OSV
added 2021/04/13 3:13 p.m., 20 views

GHSA-5WRH-4JWV-5W78 Open redirect via transitional IPv6 addresses on dual-stack networks

Impact: Requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL...

CVSS 7.1, AI score 6.2, EPSS 0.00894
Exploits 0, References 8
Github Security Blog
added 2021/04/13 3:13 p.m., 27 views

Open redirect via transitional IPv6 addresses on dual-stack networks

Impact: Requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL...

CVSS 6.3, AI score 2.1, EPSS 0.00894
Exploits 0, References 8, Affected Software 1
OSV
added 2021/04/12 10:15 p.m., 2 views

DEBIAN-CVE-2021-21392

Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, requests to user provided domains were not restricted to external IP addresses when transitional IPv6...

CVSS 6.3, AI score 6.7, EPSS 0.00894
Exploits 0, References 1
PyPA
added 2021/04/12 10:15 p.m., 3 views

PYSEC-2021-25

Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, requests to user provided domains were not restricted to external IP addresses when transitional IPv6...

CVSS 6.3, AI score 6.7, EPSS 0.00894
Exploits 0, References 3, Affected Software 1
OSV
added 2021/04/12 10:15 p.m., 1 views

UBUNTU-CVE-2021-21392

Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, requests to user provided domains were not restricted to external IP addresses when transitional IPv6...

CVSS 6.3, AI score 5.8, EPSS 0.00894
Exploits 0, References 5
Cvelist
added 2021/04/12 9:50 p.m., 23 views

CVE-2021-21392 Open redirect via transitional IPv6 addresses on dual-stack networks

Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, requests to user provided domains were not restricted to external IP addresses when transitional IPv6...

CVSS 6.3, AI score 6.9, EPSS 0.00894
Exploits 0, References 4
CNNVD
added 2020/12/08 12:0 a.m., 3 views

FNET Buffer Error Vulnerability

FNET is software from the FNET organization that provides dual TCP/IPv4 and IPv6 stack support for 32-bit MCUs. FNET suffers from a buffer error vulnerability that stems from a function that handles IPv6 hop-by-hop extension headers not checking the validity of their option lengths, allowin...

CVSS 7.5, AI score 7.3, EPSS 0.02956
Exploits 0, References 7
OSV
added 2019/06/28 6:15 p.m., 4 views

CVE-2018-20812

An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel when Traffic Enforcement was enabled exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack IPv4/IPv6 endpoints...

CVSS 7.5, AI score 5.8
Exploits 0, References 1
NVD
added 2019/06/28 6:15 p.m., 21 views

CVE-2018-20812

An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel when Traffic Enforcement was enabled exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack IPv4/IPv6 endpoints...

CVSS 7.5, AI score 7.3, EPSS 0.01111
Exploits 0, References 1
Prion
added 2019/06/28 6:15 p.m., 17 views

Information disclosure

An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel when Traffic Enforcement was enabled exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack IPv4/IPv6 endpoints...

CVSS 5, AI score 7.3, EPSS 0.01111
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 2016/05/26 12:0 a.m., 14 views

Leaked DNS Query Detection - ISATAP Request (IPv6)

Binary data 7203.pasl...

AI score 7.3
Exploits 0, References 3