
1881 matches found

RedHat Linux
added 2020/07/22 12:35 p.m. | 98 views

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating...

CVSS 8.3 | AI score 6.5 | EPSS 0.01018
Exploits 0 | References 8

Tenable Nessus
added 2020/07/22 12:0 a.m. | 34 views

RHEL 8 : java-11-openjdk (RHSA-2020:3099)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3099 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

CVSS 8.3 | AI score 6.6 | EPSS 0.01018
Exploits 0 | References 16

Tenable Nessus
added 2020/07/22 12:0 a.m. | 33 views

RHEL 8 : java-11-openjdk (RHSA-2020:3098)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3098 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

CVSS 8.3 | AI score 6.6 | EPSS 0.01018
Exploits 0 | References 16

Tenable Nessus
added 2020/07/20 12:0 a.m. | 245 views

Oracle Linux 7 : java-11-openjdk (ELSA-2020-2969)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2969 advisory. 1:11.0.8.10-0.0.1 - link atomic for ix86 build 1:11.0.8.10-0 - Update to shenandoah-jdk-11.0.8+10 GA - Switch to GA mode for final release. - Update...

CVSS 8.3 | AI score 6.6 | EPSS 0.01018
Exploits 0 | References 8

Tenable Nessus
added 2020/07/20 12:0 a.m. | 58 views

Oracle Linux 8 : java-11-openjdk (ELSA-2020-2970)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2970 advisory. 1:11.0.8.10-0 - Update to shenandoah-jdk-11.0.8+10 GA - Switch to GA mode for final release. - Update release notes with last minute fix JDK-8248505. -...

CVSS 8.3 | AI score 6.6 | EPSS 0.01018
Exploits 0 | References 8

Prion
added 2020/07/17 7:15 p.m. | 13 views

Race condition

A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker to cause LLDP to crash leading to a Denial of Service (DoS). This issue occurs when crafted LLDP packets are received by the device from an adjacent device. Multiple LACP flaps will occur after LLDP...

CVSS 3.3 | AI score 6.3 | EPSS 0.00063
Exploits 0 | References 1 | Affected Software 1

Veracode
added 2020/07/17 5:44 a.m. | 21 views

Denial Of Service (DoS)

OpenJDK is vulnerable to denial of service (DoS). The vulnerability exists through the excessive memory usage in ImageIO TIFF plugin...

CVSS 5.3 | AI score 6.2 | EPSS 0.0059
Exploits 0 | References 14 | Affected Software 2

RedHat Linux
added 2020/07/16 9:40 a.m. | 77 views

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...

CVSS 8.3 | AI score 6.5 | EPSS 0.01018
Exploits 0 | References 8

RedHat Linux
added 2020/07/16 8:54 a.m. | 100 views

Important: Red Hat Security Advisory: java-11-openjdk security and enhancement update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...

CVSS 8.3 | AI score 6.5 | EPSS 0.01018
Exploits 0 | References 8

OpenVAS
added 2020/07/08 12:0 a.m. | 12 views

Fedora: Security Advisory for gst (FEDORA-2020-9e6f5b3ae2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits 0 | References 2

RedHat Linux
added 2020/07/07 8:2 p.m. | 1 views

envoy: Resource exhaustion when processing HTTP/1.1 headers with long field names

An uncontrolled resource consumption vulnerability was found in Envoy. This flaw allows an attacker to craft many HTTP requests with long field names or URLs to cause the proxy to consume excessive amounts of memory, potentially resulting in a denial of service. The highest threat from this...

CVSS 7.5 | AI score 7.1 | EPSS 0.00786
Exploits 0 | References 5

RedHat Linux
added 2020/07/02 4:19 p.m. | 123 views

Moderate: Red Hat Security Advisory: rh-nginx116-nginx security update

An update for rh-nginx116-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 5.3 | AI score 6.7 | EPSS 0.69569
Exploits 3 | References 2

NVD
added 2020/07/01 3:15 p.m. | 19 views

CVE-2020-12604

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...

CVSS 7.5 | EPSS 0.00437
Exploits 0 | References 2

OSV
added 2020/07/01 3:15 p.m. | 20 views

CVE-2020-12604

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...

CVSS 7.5 | AI score 6.6
Exploits 0 | References 2

Prion
added 2020/07/01 3:15 p.m. | 23 views

Code injection

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...

CVSS 5 | AI score 7.4 | EPSS 0.00437
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2020/07/01 2:24 p.m. | 23 views

CVE-2020-12604

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...

AI score 7.4 | EPSS 0.00437
Exploits 0 | References 2

CVE
added 2020/07/01 2:24 p.m. | 115 views

CVE-2020-12604

CVE-2020-12604 affects Envoy versions prior to 1.16.1. The issue arises when an HTTP/2 client sends a large payload but does not provide enough window updates to consume the stream and does not reset it, leading to increased memory usage. Public documents specify vulnerable versions (1.14.2, 1.13...

CVSS 7.5 | AI score 7.3 | EPSS 0.00437
Exploits 0 | References 2 | Affected Software 1

RedhatCVE
added 2020/06/30 10:21 p.m. | 33 views

CVE-2020-12604

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...

CVSS 5 | AI score 7.4 | EPSS 0.00437
Exploits 0 | References 4

CNVD
added 2020/06/22 12:0 a.m. | 2 views

Mattermost Server Resource Management Error Vulnerability (CNVD-2020-36216)

Mattermost Server is an open source messaging platform from the United States company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 5.2.2, prior to 5.1.2, and prior to 4.10.4. A remote attacker could exploit this vulnerability to cause a denial of service...

CVSS 6.5 | AI score 6.7 | EPSS 0.00388
Exploits 0 | References 1

OSV
added 2020/06/15 5:15 p.m. | 2 views

DEBIAN-CVE-2020-14152

In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption...

CVSS 7.1 | AI score 7 | EPSS 0.01168
Exploits 0 | References 1