12 matches found
MINI-PPV2-XXMX-5V3F
Bulletin has no description...
EUVD-2024-20842
Malicious code in bioql PyPI...
Oracle Linux 9 : cri-o (ELSA-2024-12347)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12347 advisory. - Address CVE-2024-24786 cri-tools - Address CVE-2024-24786 etcd - Address protobuf CVE-2024-24786 - Address protobuf CVE-2024-24786 - Backport from...
Oracle Linux 7 : cri-o (ELSA-2024-12329)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12329 advisory. - Address CVE-2024-24786 cri-tools - Address CVE-2024-24786 etcd - Address protobuf CVE-2024-24786 - Address CVE-2023-39326 by upgrading golang to...
Oracle Linux 8 : cri-o (ELSA-2024-12328)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12328 advisory. - Address CVE-2024-24786 cri-tools - Address CVE-2024-24786 etcd - Address protobuf CVE-2024-24786 - Address CVE-2023-39326 by upgrading golang to...
BIT-ENVOY-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...
CVE-2024-23327
A flaw was found in the Envoy proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block...
Design/Logic Flaw
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...
CVE-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...
CVE-2024-23327
CVE-2024-23327 affects Envoy: when PPv2 is enabled on a listener and a downstream cluster, the Envoy process can segfault while crafting the upstream PPv2 header if the downstream request uses a LOCAL command type and lacks a protocol block. This vulnerability is fixed in Envoy releases 1.29.1, 1...
CVE-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...
CVE-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...