21 matches found
GHSA-Q675-QJ96-32M9 vulnerabilities
Vulnerabilities for packages: gitlab-workhorse-ce, seaweedfs-rocksdb, seaweedfs-operator, seaweedfs-fips, seaweedfs-rocksdb-fips, seaweedfs, seaweedfs-operator-fips...
GHSA-2GF8-Q9RR-JQ3H zebrad has persistent on-disk corruption of Sapling/Orchard subtree roots after chain fork via pop_tip
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node participates in a network where chain forks occur mainnet, testnet, or any network with multiple miners. All default configurations are affected. The corruption persists across restarts because it is...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: flux-source-controller-fips, external-dns, argocd-image-updater-fips, backup-restore-operator, coder, cilium, aactl, opentelemetry-collector, argo-cd-fips, prometheus-fips, flux-source-controller, cloudbeat-fips, nerdctl, osv-scanner,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: backup-restore-operator, gitlab-runner-fips, amazon-ssm-agent-fips, crossplane-provider-keycloak, aactl, crossplane-provider-aws-kendra-fips, prometheus-podman-exporter, flux-source-controller, crossplane-provider-azure-sql, nerdctl, docker-machine-driver-linode,...
CVE-2024-26958
In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...
CVE-2024-26958 nfs: fix UAF in direct writes
In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...
abci-storage (=0.0.3), arcon_backend (>=0.1.0 <=0.1.1) +144 more potentially affected by unknown CVE via rocksdb (>=0.10.1 <=0.18.0)
rocksdb CARGO version =0.10.1, =0.1.0, =0.2.0, =0.2.0, =0.1.1, =1.2.0, =0.6.0, =6.0.0, =0.1.1, =0.1.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XPP3-XRFF-W6RH...
GHSA-XPP3-XRFF-W6RH rocksdb vulnerable to out-of-bounds read
Affected versions of this crate called the RocksDB C API rocksdbopencolumnfamilieswithttl with a pointer to a single integer TTL value, but one TTL value for each column family is expected. This is only relevant when using rocksdb::DBWithThreadMode::opencfdescriptorswithttl with multiple column...
rocksdb vulnerable to out-of-bounds read
Affected versions of this crate called the RocksDB C API rocksdbopencolumnfamilieswithttl with a pointer to a single integer TTL value, but one TTL value for each column family is expected. This is only relevant when using rocksdb::DBWithThreadMode::opencfdescriptorswithttl with multiple column...
Fedora: Security Advisory for golang-github-cockroachdb-pebble (FEDORA-2022-5ef0bd9a27)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: golang-github-cockroachdb-pebble-0-0.9.20210108git48f5530.fc36
RocksDB/LevelDB inspired key-value database in Go...
Fedora: Security Advisory for golang-github-cockroachdb-pebble (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for golang-github-cockroachdb-pebble (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: golang-github-cockroachdb-pebble-0-0.8.20210108git48f5530.fc36
RocksDB/LevelDB inspired key-value database in Go...
Out-of-bounds read when opening multiple column families with TTL
Affected versions of this crate called the RocksDB C API rocksdbopencolumnfamilieswithttl with a pointer to a single integer TTL value, but one TTL value for each column family is expected. This is only relevant when using rocksdb::DBWithThreadMode::opencfdescriptorswithttl with multiple column...
abci-storage (=0.0.3), arcon_backend (>=0.1.0 <=0.1.1) +144 more potentially affected by unknown CVE via rocksdb (>=0.10.1 <=0.18.0)
rocksdb CARGO version =0.10.1, =0.1.0, =0.2.0, =0.2.0, =0.1.1, =1.2.0, =0.6.0, =6.0.0, =0.1.1, =0.1.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0046...
RUSTSEC-2022-0046 Out-of-bounds read when opening multiple column families with TTL
Affected versions of this crate called the RocksDB C API rocksdbopencolumnfamilieswithttl with a pointer to a single integer TTL value, but one TTL value for each column family is expected. This is only relevant when using rocksdb::DBWithThreadMode::opencfdescriptorswithttl with multiple column...
Fedora: Security Advisory for golang-github-cockroachdb-pebble (FEDORA-2022-08ae2dd481)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2020:1748-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : ceph (SUSE-SU-2020:1748-1)
This is a version update for ceph to version 12.2.13 : Security issue fixed : CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag bsc1171921. Notable changes in this update for ceph : - mgr: telemetry: backported and now available on SES5.5. Please consider enabling via 'ceph...