2 matches found
GHSA-GXQ5-79M2-GVVQ Apache Bookkeeper vulnerable to Improper Certificate Validation
The Apache Bookkeeper Java Client before 4.14.6 and also 4.15.0 does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The problem affects BookKeeper client prior to versions 4.14.6 a...
PT-2017-14963 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.14.6 Description: The issue is related to a race condition in the raw sendmsg function, specifically in the inet-hdrincl component, which leads to the usage of an uninitialized stack pointer. This condition...