8850 matches found
Important: dotnet8.0
Issue Overview: .NET Core and Visual Studio Denial of Service Vulnerability CVE-2024-30105 .NET and Visual Studio Remote Code Execution Vulnerability CVE-2024-35264 .NET and Visual Studio Denial of Service Vulnerability CVE-2024-38095 Affected Packages: dotnet8.0 Issue Correction: Run dnf update...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
Important: ecs-service-connect-agent
Issue Overview: dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws a...
Medium: ecs-init
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
Important: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.1...
Important: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230section-6.7 a server sends 101 wh...
Important: kernel-livepatch-4.14.343-259.562
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean th...
Medium: uriparser
Issue Overview: An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow. CVE-2024-34402 An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an...
Important: git
Issue Overview: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a...
Medium: oci-add-hooks
Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...
Important: php8.2
Issue Overview: The vulnerability allows a remote attacker to bypass implemented security restrictions. The vulnerability exists due to the way PHP handles HTTP variable names. A remote attacker can set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cook...
Important: git
Issue Overview: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a...
Important: git
Issue Overview: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a...
Medium: python-pymongo
Issue Overview: Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with...
Important: unbound
Issue Overview: An issue was discovered in some DNS recursive resolvers that allows remote attackers to cause a denial of service using a maliciously designed authority and response amplification. CVE-2024-33655 Affected Packages: unbound Issue Correction: Run dnf update unbound --releasever...
Low: java-22-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...
Important: dotnet6.0
Issue Overview: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability CVE-2024-21409 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0 --releasever 2023.4.20240429 to update your system. New Packages: aarch64: ...
Low: java-21-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...
Important: nodejs20
Issue Overview: NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ CVE-2024-27982 An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data i...
Important: glibc
Issue Overview: The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...
Important: tomcat
Issue Overview: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through...
Important: kernel
Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 In the Linux kernel, the following vulnerability has been...
Important: kernel
Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 In the Linux kernel, the following vulnerability has been...
Medium: kernel
Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 In the Linux kernel, the following vulnerability has been...
Important: perl-Cpanel-JSON-XS
Issue Overview: The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service. CVE-2022-48623 Affected Packages: perl-Cpanel-JSON-XS Issue Correction: Run dnf update perl-Cpanel-JSON-XS...
Important: nodejs20
Issue Overview: The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. This misleading documentation affects all users using the experimental permission model in active release lines: 20.x and 21.x. Please note...
Important: amazon-ssm-agent
Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...
Important: cifs-utils
Issue Overview: A stack-based buffer overflow issue was found in pifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. CVE-2022-27239 A flaw was found in cifs-utils. When verbose logging is enabled, invalid credentials file lines may be...
Important: kernel-livepatch-4.14.328-248.540
Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...
Important: java-1.8.0-amazon-corretto
Issue Overview: A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even though the option "--no-java" was set. CVE-2024-20918 With carefully crafted custom bytecodes, arbitrary unverified bytecodes could be executed. CVE-2024-20919 Loop optimizations...
Important: kernel
Issue Overview: When a router encounters an IPv6 packet too big to transmit to the next-hop, it returns an ICMP6 "Packet Too Big" PTB message to the sender. The sender caches this updated Maximum Transmission Unit MTU so it knows not to exceed this value when subsequently routing to the same host...
Medium: rust
Issue Overview: Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by cargo build --timings. A malicious package included as a dependency may inject...
Medium: ansible-core
Issue Overview: The upstream bug report describes this issue as follows: A flaw was found in Ansible, where a user's controller is vulnerable to template injection when internal templating operations may errantly remove the unsafe designation from template data. CVE-2023-5764 Affected Packages:...
Medium: libssh
Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...
Important: kernel-livepatch-5.10.192-182.736
Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...
Important: openssl
Issue Overview: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...
Important: kernel
Issue Overview: An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in readdescriptors in drivers/usb/core/sysfs.c. CVE-2023-37453 nftables out-of-bounds read in nfosfmatchone CVE-2023-39189 A flaw was found in the Netfilter subsyste...
Medium: cups
Issue Overview: A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an attacker-crafted CUPS document, possibly leading to a heap-based buffer overflow and code execution. CVE-2023-4504 Affected Packages: cups Issue...
Important: tomcat
Issue Overview: A deserialization flaw was discovered in Apache Tomcat's use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the...
Important: tomcat
Issue Overview: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat...
Important: firefox
Issue Overview: Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough...
Important: tomcat
Issue Overview: A flaw was found in Spring Framework, specifically within two modules called Spring MVC and Spring WebFlux, transitively affected from Spring Beans, using parameter data binding. This flaw allows an attacker to pass specially-constructed malicious requests to certain parameters an...
Important: kernel
Issue Overview: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the...
Medium: kernel
Issue Overview: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if deviceadd fails CVE-2023-53174 I...
Important: kernel-livepatch-5.10.179-166.674
Issue Overview: A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of...
Important: golang
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Medium: poppler
Issue Overview: Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the...
Medium: kernel
Issue Overview: An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfssetea in fs/ntfs3/xattr.c. CVE-2022-48502 A side channel vulnerability on some of the AMD CPUs may allow a...
Important: perl-HTTP-Tiny
Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Issue Correction: Run dnf update perl-HTTP-Tiny --releasev...