18 matches found
GHSA-9CVC-H2W8-PHRP AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value
Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...
AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value
This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in the AWS SD...
AWS SDK for Swift adopted defense in depth enhancement for region parameter value
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement h...
Improper Validation of Syntactic Correctness of Input
Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the region input field. An attacker can cause AWS API calls to be routed to unintended or non-existent hosts by supplying an invalid...
GHSA-6475-R3VJ-M8VF AWS SDK for JavaScript v3 adopted defense in depth enhancement for region parameter value
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement h...
AWS SDK for JavaScript v3 adopted defense in depth enhancement for region parameter value
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement h...
AWS SDK for Rust v1 adopted defense in depth enhancement for region parameter value
Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...
AWS SDK for Swift adopted defense in depth enhancement for region parameter value
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement h...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation via improper verification of AWS EC2 identity documents in the aws-iid process. An attacker can cause the system to accept forged identity documents by providing documents with missing or invalid...
Linux Distros Unpatched Vulnerability : CVE-2022-49894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space...
UBUNTU-CVE-2022-49894
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result: devmcxladdregion: cxlacpi cxlacpi.0:...
CVE-2022-49894 cxl/region: Fix region HPA ordering validation
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result: devmcxladdregion: cxlacpi cxlacpi.0:...
CVE-2022-49894
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result: devmcxladdregion: cxlacpi cxlacpi.0:...
CVE-2022-49894 cxl/region: Fix region HPA ordering validation
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result: devmcxladdregion: cxlacpi cxlacpi.0:...
PT-2025-18611 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the validation of region HPA ordering. Some regions may not have any address space allocated, and skipping them during...
Input validation
Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...
Qualcomm 组件 输入验证错误漏洞
The Qualcomm Component is a component of Qualcomm Incorporated USA. An intrinsic part that provides functionality to Qualcomm devices. A security vulnerability exists in the Qualcomm Component that originates from incorrect validation of memory regions in the Hypervisor can lead to incorrect regi...
PT-2020-19875 · Hashicorp · Nomad Enterprise +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions up to 0.10.2 Description: The issue concerns improper validation of role/region associated with TLS certificates used for mTLS RPC, making the system susceptible to privilege escalation...