EUVD-2021-30036

Malicious code in bioql PyPI...

CVE-2021-43083

Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...

org.apache.nifi:nifi-kafka-connector-tests (>=1.14.0 <=1.23.2), org.apache.nifi:nifi-standard-nar (>=1.14.0 <=1.15.3) +4 more potentially affected by CVE-2023-49145 via org.apache.nifi:nifi-jolt-transform-json-ui (>=1.14.0 <=1.23.2)

org.apache.nifi:nifi-jolt-transform-json-ui MAVEN version =1.14.0, =1.14.0, =1.14.0, =1.15.0, =1.14.0, =1.23.2 - org.apache.plc4x:plc4j-nifi-plc4x-nar =0.10.0 - org.apache.plc4x:plc4j-nifi-plc4x-processors =0.10.0 Source cves: CVE-2023-49145 Source advisory: OSV:GHSA-68PR-6FJC-WMGM...

com.hcl.commerce:commerce-search-processors (>=9.1.12.0 <=9.1.15.0), org.apache.nifi.minifi:minifi-assembly (>=1.14.0 <=1.22.0) +7 more potentially affected by CVE-2023-36542 via org.apache.nifi:nifi-standard-processors (>=0.1.0-incubating <=1.22.0)

org.apache.nifi:nifi-standard-processors MAVEN version =0.1.0-incubating, =9.1.12.0, =1.14.0, =1.14.0, =1.14.0, =0.1.0-incubating, =1.15.0, =1.14.0, =1.22.0 - org.apache.plc4x:plc4j-nifi-plc4x-nar =0.10.0 - org.apache.plc4x:plc4j-nifi-plc4x-processors =0.10.0 Source cves: CVE-2023-36542 Source...

com.hcl.commerce:commerce-search-processors (>=9.1.12.0 <=9.1.15.0), org.apache.nifi.minifi:minifi-assembly (>=1.14.0 <=1.28.1) +8 more potentially affected by CVE-2018-1309 via org.apache.nifi:nifi-standard-processors (>=0.2.0-incubating <=1.28.1)

org.apache.nifi:nifi-standard-processors MAVEN version =0.2.0-incubating, =9.1.12.0, =1.14.0, =1.14.0, =1.14.0, =0.2.0-incubating, =1.24.0, =1.15.0, =1.14.0, =0.10.0, =0.10.0, =0.12.0 Source cves: CVE-2018-1309 Source advisory: OSV:GHSA-42WX-65G4-5CXV...

CVE-2021-43083

Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...

Integer overflow

Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...

CVE-2021-43083

Affected software : Apache PLC4X – PLC4C (C language implementation). Issue : unsigned integer underflow vulnerability in the TCP transport. Root cause : underflow within the C implementation when handling crafted responses from a malicious device. Impact and scope : requires an attacker to activ...

CVE-2021-43083 Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response

Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...