Lucene search
K

40 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/20 12:0 a.m.36 views

RHEL 8 / 9 : java-21-openjdk (RHSA-2024:1828)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1828 advisory. The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security...

3.7CVSS6.8AI score0.01361EPSS
Exploits0References10
OSV
OSV
added 2024/04/18 12:0 a.m.44 views

ALSA-2024:1825 Moderate: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122 CVE-2024-21068...

3.7CVSS5.4AI score0.01361EPSS
Exploits0References11
AlmaLinux
AlmaLinux
added 2024/04/18 12:0 a.m.40 views

Moderate: java-21-openjdk security update

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122 CVE-2024-21068...

3.7CVSS7.5AI score0.01361EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2024/04/18 12:0 a.m.60 views

Moderate: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122 CVE-2024-21068...

3.7CVSS7.5AI score0.01361EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/04/17 11:49 a.m.76 views

Moderate: Red Hat Security Advisory: OpenJDK 17.0.11 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

3.7CVSS6.7AI score0.01361EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.43 views

EulerOS 2.0 SP8 : golang (EulerOS-SA-2024-1269)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...

7.5CVSS7AI score0.04561EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.42 views

RHCOS 4 : OpenShift Container Platform 4.12.39 (RHSA-2023:5679)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5679 advisory. - golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 - HTTP/2: Multiple HTTP/...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References7
Tenable Nessus
Tenable Nessus
added 2024/01/19 12:0 a.m.19 views

Fedora 39 : golang-github-facebook-time (2024-07c811c7a5)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-07c811c7a5 advisory. Security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/19 12:0 a.m.24 views

Fedora 39 : prometheus-podman-exporter (2023-b75ee820ce)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b75ee820ce advisory. release v1.5.0 + security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/19 12:0 a.m.35 views

Fedora 38 : podman-tui (2023-e359fd31d2)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e359fd31d2 advisory. podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and CVE-2022-41723 Tenable has extracted the preceding description block...

7.5CVSS7.2AI score0.05623EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.21 views

Fedora 37 : pack (2023-5029b92850)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-5029b92850 advisory. fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.35 views

Fedora 38 : pack (2023-257f33c602)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-257f33c602 advisory. Fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.25 views

Amazon Linux 2 : amazon-ecr-credential-helper (ALASNITRO-ENCLAVES-2023-033)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.7.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2023-033 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request...

7.5CVSS7AI score0.03796EPSS
Exploits0References4
Fedora
Fedora
added 2023/10/15 1:44 a.m.48 views

[SECURITY] Fedora 38 Update: nghttp2-1.52.0-2.fc38

This package contains the HTTP/2 client, server and proxy programs...

7.5CVSS7.1AI score0.99999EPSS
Exploits19
F5 Networks
F5 Networks
added 2023/02/21 6:7 p.m.52 views

K81557381: BIG-IP HTTP/2 vulnerability CVE-2019-6673

Security Advisory Description When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel TMM. CVE-2019-6673 Impact An attacker may be able to use a specifically crafted request to...

7.5CVSS7.5AI score0.01014EPSS
Exploits0Affected Software8
OSV
OSV
added 2022/11/18 2:35 p.m.10 views

SUSE-SU-2022:4078-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.17+8 October 2022 CPU - CVE-2022-39399: Improve HTTP/2 client usagebsc1204480 - CVE-2022-21628: Better HttpServer service bsc1204472 - CVE-2022-21624: Enhance icon presentations bsc1204475 - CVE-2022-21619: Improve...

5.3CVSS5.4AI score0.02376EPSS
Exploits0References15
Kaspersky
Kaspersky
added 2020/11/17 12:0 a.m.55 views

KLA12087 Multiple vulnerabilities in Apache Tomcat

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability can be exploited to obtain sensitive information. ...

7.5CVSS7.2AI score0.24622EPSS
Exploits0References4
Prion
Prion
added 2020/10/12 2:15 p.m.29 views

Cross site request forgery (csrf)

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...

4CVSS4.5AI score0.57286EPSS
Exploits0References7Affected Software4
Fedora
Fedora
added 2020/06/18 1:1 a.m.38 views

[SECURITY] Fedora 31 Update: nghttp2-1.41.0-1.fc31

This package contains the HTTP/2 client, server and proxy programs...

7.5CVSS2.3AI score0.05316EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.29 views

F5 Networks BIG-IP : BIG-IP HTTP/2 vulnerability (K81557381)

When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel TMM. CVE-2019-6673 Impact An attacker may be able to use a specifically crafted request to cause a disruption of service...

7.5CVSS7.3AI score0.01014EPSS
Exploits0References2
Rows per page
Query Builder