8694 matches found
Medium: haproxy2
Issue Overview: HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server. CVE-2023-45539 Affected...
Medium: java-1.8.0-openjdk
Issue Overview: Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this...
Important: kernel
Issue Overview: A race condition leading to a use-after-free issue was found in the QXL driver in the Linux kernel. CVE-2023-39198 An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an iouring/fdinfo.c iouringshowfdinfo NULL pointer dereference can occur...
Medium: squid
Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to...
Important: ghostscript
Issue Overview: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-46751 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releaseve...
Low: vim
Issue Overview: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory...
Important: grpc
Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 Affected Packages: grpc Issue Correction: Run dnf update grpc --releaseve...
Medium: golang
Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remot...
Important: ecs-init
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Important: ecs-init
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Medium: p7zip
Issue Overview: p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. CVE-2022-47069 Affected Packages: p7zip Issue Correction: Run dnf update p7zip --releasever 2023.3.20240108 or dnf...
Medium: p7zip
Issue Overview: p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. CVE-2022-47069 Affected Packages: p7zip Issue Correction: Run dnf update p7zip --releasever 2023.3.20240108 to upda...
Important: bluez
Issue Overview: bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 Affected Packages: bluez Issue Correction: Run dnf update bluez --releasever 2023.3.20240108 to update your system. New Packages: aarch64: ...
Important: grpc
Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 Affected Packages: grpc Issue Correction: Run dnf update grpc --releaseve...
Medium: ncurses
Issue Overview: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component ncwrapentry. CVE-2023-50495 Affected Packages: ncurses Issue Correction: Run dnf update ncurses --releasever 2023.3.20240108 or dnf update --advisory ALAS2023-2024-466 --releasever 2023.3.2024010...
Medium: ansible-core
Issue Overview: The upstream bug report describes this issue as follows: A flaw was found in Ansible, where a user's controller is vulnerable to template injection when internal templating operations may errantly remove the unsafe designation from template data. CVE-2023-5764 Affected Packages:...
Medium: gnutls
Issue Overview: A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. Only TLS ciphertext processing is affected. CVE-2023-5981 Affected Packages: gnutls Issue Correction:...
Medium: bouncycastle
Issue Overview: Bouncy Castle for Java before 1.73 contains a potential Denial of Service DoS issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file...
Medium: jtidy
Issue Overview: An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CVE-2023-34623 Affected Packages: jtidy Issue Correction: Run dnf update jtidy --releasever 2023.3.20240108 or dnf...
Medium: gnutls
Issue Overview: A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. Only TLS ciphertext processing is affected. CVE-2023-5981 Affected Packages: gnutls Issue Correction:...
Important: ghostscript
Issue Overview: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-46751 Affected Packages: ghostscript Issue Correction: Run dnf update ghostscript --releaseve...
Low: curl
Issue Overview: When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. CVE-2023-46219 Affected Packages: curl Issue Correction: Run dnf update curl --releasev...
Medium: ansible-core
Issue Overview: The upstream bug report describes this issue as follows: A flaw was found in Ansible, where a user's controller is vulnerable to template injection when internal templating operations may errantly remove the unsafe designation from template data. CVE-2023-5764 Affected Packages:...
Important: postgresql15
Issue Overview: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirm...
Low: vim
Issue Overview: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory...
Medium: jtidy
Issue Overview: An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. CVE-2023-34623 Affected Packages: jtidy Issue Correction: Run dnf update jtidy --releasever 2023.3.20240108 to updat...
Low: curl
Issue Overview: When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. CVE-2023-46219 Affected Packages: curl Issue Correction: Run dnf update curl --releasev...
Medium: libssh
Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...
Medium: golang
Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...
Low: tar
Issue Overview: It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could supply a specially crafted file and cause tar to crash, resulting in a denial of service. CVE-2023-39804 Affected Packages: tar Issue Correction: Run dnf update tar --releasever...
Low: tar
Issue Overview: It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could supply a specially crafted file and cause tar to crash, resulting in a denial of service. CVE-2023-39804 Affected Packages: tar Issue Correction: Run dnf update tar --releasever...
Important: postgresql15
Issue Overview: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirm...
Medium: bouncycastle
Issue Overview: Bouncy Castle for Java before 1.73 contains a potential Denial of Service DoS issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file...
Medium: ecs-init
Issue Overview: Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. CVE-2023-3978 Affected Packages: ecs-init Issue Correction: Run dnf update ecs-init --releasever 2023.3.20240108 or dnf update...
Medium: ncurses
Issue Overview: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component ncwrapentry. CVE-2023-50495 Affected Packages: ncurses Issue Correction: Run dnf update ncurses --releasever 2023.3.20240108 to update your system. New Packages: aarch64: ...
Medium: ecs-init
Issue Overview: Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. CVE-2023-3978 Affected Packages: ecs-init Issue Correction: Run dnf update ecs-init --releasever 2023.3.20240108 to update you...
Medium: libssh
Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remot...
Medium: tomcat9
Issue Overview: Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header siz...
Medium: tomcat9
Issue Overview: Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header siz...
Important: bluez
Issue Overview: bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 Affected Packages: bluez Issue Correction: Run dnf update bluez --releasever 2023.3.20240108 or dnf update --advisory ALAS2023-2024-473 --releasever 2023.3.2024010...
Medium: openssh
Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...
Important: kernel-livepatch-6.1.55-75.123
Issue Overview: x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5090 A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same...
Important: kernel-livepatch-6.1.59-84.139
Issue Overview: x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5090 A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's...
Important: kernel-livepatch-6.1.61-85.141
Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possib...
Important: kernel-livepatch-6.1.56-82.125
Issue Overview: x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5090 A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's...
Important: kernel-livepatch-6.1.52-71.125
Issue Overview: An integer overflow in kmallocreserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. CVE-2023-42752 An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel...
Important: kernel-livepatch-6.1.49-70.116
Issue Overview: An integer overflow in kmallocreserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. CVE-2023-42752 An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel...
Important: kernel-livepatch-6.1.49-69.116
Issue Overview: An integer overflow in kmallocreserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. CVE-2023-42752 An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel...