Lucene search
K

6 matches found

OSV
OSV
added 2023/01/17 7:38 p.m.12 views

GSD-2023-1001625 NFSv4.2: Fix a memory stomp in decode_attr_security_label

NFSv4.2: Fix a memory stomp in decodeattrsecuritylabel This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 7:19 p.m.10 views

GSD-2023-1001459 NFSv4.2: Fix a memory stomp in decode_attr_security_label

NFSv4.2: Fix a memory stomp in decodeattrsecuritylabel This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 6:46 p.m.9 views

GSD-2023-1001156 NFSv4.2: Fix a memory stomp in decode_attr_security_label

NFSv4.2: Fix a memory stomp in decodeattrsecuritylabel This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 6:7 p.m.13 views

GSD-2023-1000756 NFSv4.2: Fix a memory stomp in decode_attr_security_label

NFSv4.2: Fix a memory stomp in decodeattrsecuritylabel This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2018/10/17 8:2 p.m.29 views

GHSA-RCPF-VJ53-7H2M Denial of Service in org.springframework:spring-core

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user or attacker can craft a message ...

6.5CVSS6.6AI score0.03279EPSS
Exploits0References16
Veracode
Veracode
added 2018/05/10 7:2 a.m.27 views

Regular Expression Denial Of Service (ReDoS)

spring-messaging is vulnerable to regular expression denial of service ReDoS attacks. A malicious user can pass a message to an in-memory STOMP broker that can cause a ReDoS...

6.5CVSS7.5AI score0.03279EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder