6294 matches found

F5 Networks
Added 2024/08/08 4:56 a.m. • 29 views

K000140620: Apache HTTPD vulnerabilities CVE-2024-38474 and CVE-2024-38475

Security Advisory Description CVE-2024-38474 Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to b...

CVSS 9.8 • AI score 9.2 • EPSS 0.99957
Exploits: 1 • Affected Software: 14
F5 Networks
Added 2024/07/03 8:26 p.m. • 29 views

K000140250: Expat vulnerability CVE-2023-52426

Security Advisory Description libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. CVE-2023-52426 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the...

CVSS 5.5 • AI score 6.8 • EPSS 0.00373
Exploits: 0
F5 Networks
Added 2024/06/05 4:13 p.m. • 29 views

K000139917: Libxml2 vulnerability CVE-2022-40303

Security Advisory Description An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading ...

CVSS 7.5 • AI score 6.7 • EPSS 0.2421
Exploits: 2
F5 Networks
Added 2024/05/21 4:33 p.m. • 29 views

K000139685: Python vulnerability CVE-2023-40217

Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the...

CVSS 5.3 • AI score 7.5 • EPSS 0.0079
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2024/05/10 1:2 p.m. • 29 views

K000139577: Node.js vulnerability CVE-2024-21890

Security Advisory Description The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/*.pub will ignore pub and give access to everything after .ssh/. This misleading...

CVSS 6.5 • AI score 6.4 • EPSS 0.00945
Exploits: 0
F5 Networks
Added 2024/05/08 1:18 p.m. • 29 views

K000138912: BIG-IP SSL vulnerability CVE-2024-28889

Security Advisory Description When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2024-28889 Impact Traffic is...

CVSS 5.9 • AI score 7.1 • EPSS 0.00443
Exploits: 0 • Affected Software: 12
F5 Networks
Added 2024/05/08 1:14 p.m. • 29 views

K000138898: BIG-IP Advanced WAF/ASM, BIG-IP Next WAF, and NGINX App Protect WAF attack signature check failure

Security Advisory Description BIG-IP Advanced WAF/ASM, BIG-IP Next WAF, or NGINX App Protect WAF may fail to match an attack signature. This issue occurs when all of the following conditions are met: The affected security policy has a large number of attack signatures enabled for example, all or...

AI score 7
Exploits: 0
F5 Networks
Added 2024/04/02 6:43 p.m. • 29 views

K000139152: Linux kernel vulnerability CVE-2023-2006

Security Advisory Description A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute...

CVSS 7 • AI score 7.2 • EPSS 0.00363
Exploits: 0
F5 Networks
Added 2024/03/26 6:29 p.m. • 29 views

K000139043: Apache Struts vulnerabilities CVE-2016-4430, CVE-2016-4431, and CVE-2016-4433

Security Advisory Description CVE-2016-4430 Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. CVE-2016-4431 Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers ...

CVSS 8.8 • AI score 7.6 • EPSS 0.10013
Exploits: 0
F5 Networks
Added 2024/02/14 1:45 p.m. • 29 views

K000137886: BIG-IP Next CNF vulnerability CVE-2024-23306

Security Advisory Description A vulnerability exists in BIG-IP Next CNF systems that may allow access to undisclosed sensitive files. CVE-2024-23306 Impact An authenticated attacker may be able to modify or remove undisclosed configuration files causing a loss of confidentiality and integrity. Th...

CVSS 7.1 • AI score 4.9 • EPSS 0.00153
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2024/02/14 1:38 p.m. • 29 views

K000137675: BIG-IP HTTP/2 vulnerability CVE-2024-23314

Security Advisory Description When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2024-23314 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote...

CVSS 7.5 • AI score 7.6 • EPSS 0.00515
Exploits: 0 • Affected Software: 13
F5 Networks
Added 2023/12/27 6:24 p.m. • 29 views

K000138056: Wireshark vulnerability CVE-2018-14438

Security Advisory Description In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. CVE-2018-14438 Impact There is no impact; F5 products are not...

CVSS 7.5 • AI score 7.5 • EPSS 0.012
Exploits: 0
F5 Networks
Added 2023/12/11 9:50 p.m. • 29 views

K000137871: Linux kernel vulnerability CVE-2023-35001

Security Advisory Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace CVE-2023-35001 Impact This vulnerability may allow an authenticated attacker with local access to...

CVSS 7.8 • AI score 7.4 • EPSS 0.02154
Exploits: 2 • Affected Software: 1
F5 Networks
Added 2023/11/30 1:30 a.m. • 29 views

K000137734: MariaDB/MySQL vulnerability CVE-2023-22084

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

CVSS 4.9 • AI score 5.1 • EPSS 0.01782
Exploits: 0
F5 Networks
Added 2023/10/10 10:6 a.m. • 29 views

K20850144: BIG-IP and BIG-IQ DB variable vulnerability CVE-2023-41964

Security Advisory Description The BIG-IP and BIG-IQ systems do not encrypt the values of two Database (DB) variables, a password used for a proxy server connection and a RADIUS/TACACS+ shared secret. CVE-2023-41964 Impact An authenticated attacker may be able to gain access to privileged informatio...

CVSS 6.5 • AI score 6.9 • EPSS 0.00244
Exploits: 0 • Affected Software: 13
F5 Networks
Added 2023/10/03 4:39 p.m. • 29 views

K000137105: libvpx vulnerability CVE-2023-5217

Security Advisory Description Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High CVE-2023-5217 Impact There is no impac...

CVSS 8.8 • AI score 7.9 • EPSS 0.34401
Exploits: 3
F5 Networks
Added 2023/08/15 7:38 a.m. • 29 views

K000135854: ESAPI (The OWASP Enterprise Security API) vulnerability CVE-2022-23457

Security Advisory Description ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of Validator.getValidDirectoryPath(String, String, File, boolean) may incorrectly treat the tested input strin...

CVSS 9.8 • AI score 7.2 • EPSS 0.02674
Exploits: 2
F5 Networks
Added 2023/07/27 6:54 a.m. • 29 views

K000135627: Oracle MySQL vulnerability CVE-2023-22057

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVSS 4.9 • AI score 5.1 • EPSS 0.01199
Exploits: 0
F5 Networks
Added 2023/07/24 6:40 p.m. • 29 views

K000135555: Java vulnerabilities CVE-2020-2756 and CVE-2020-2757

Security Advisory Description CVE-2020-2756 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows...

CVSS 4.3 • AI score 6 • EPSS 0.04231
Exploits: 0 • Affected Software: 14
F5 Networks
Added 2023/06/30 3:14 a.m. • 29 views

K000135314: GO vulnerability CVE-2022-28327

Security Advisory Description The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. CVE-2022-28327 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Developme...

CVSS 7.5 • AI score 7.4 • EPSS 0.03933
Exploits: 0
F5 Networks
Added 2023/06/21 3:25 p.m. • 29 views

K000135149: Oracle Java SE vulnerability CVE-2023-21938

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 a...

CVSS 3.7 • AI score 4.8 • EPSS 0.01208
Exploits: 0
F5 Networks
Added 2023/05/18 8:49 p.m. • 29 views

K000134671: Paramiko vulnerability CVE-2018-1000805

Security Advisory Description Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appears to be exploitable via network connectivity. CVE-2018-1000805 Impact There is no impact; F5...

CVSS 8.8 • AI score 8.4 • EPSS 0.04407
Exploits: 0
F5 Networks
Added 2023/05/11 5:54 p.m. • 29 views

K000134573: MySQL vulnerability CVE-2023-21971

Security Advisory Description Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

CVSS 5.3 • AI score 4.5 • EPSS 0.01286
Exploits: 1
F5 Networks
Added 2023/05/04 9:42 p.m. • 29 views

K000134475: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2023-21911 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVSS 7.5 • AI score 5.4 • EPSS 0.01501
Exploits: 0
F5 Networks
Added 2023/05/03 12:6 p.m. • 29 views

K000132726: BIG-IP Configuration utility XSS vulnerability CVE-2023-27378

Security Advisory Description Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility that allow an attacker to run JavaScript in the context of the currently logged-in user. CVE-2023-27378 Impact An attacker may exploit this...

CVSS 7.5 • AI score 6 • EPSS 0.00387
Exploits: 0 • Affected Software: 13
F5 Networks
Added 2023/04/28 4:27 p.m. • 29 views

K000133710: apache-commons-compress vulnerability CVE-2021-36090

Security Advisory Description When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress'...

CVSS 7.5 • AI score 6.2 • EPSS 0.13292
Exploits: 0
F5 Networks
Added 2023/04/03 6:46 a.m. • 29 views

K000133317: Intel software vulnerability CVE-2022-21163

Security Advisory Description Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2022-21163 Impact There is no impact; F5 products are not affecte...

CVSS 8.4 • AI score 7.6 • EPSS 0.00248
Exploits: 0
F5 Networks
Added 2023/03/28 6:54 a.m. • 29 views

K000133223: Samba vulnerability CVE-2022-3437

Security Advisory Description A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated...

CVSS 6.5 • AI score 6.7 • EPSS 0.03659
Exploits: 0
F5 Networks
Added 2023/02/21 9:38 p.m. • 29 views

K000132703: HAProxy vulnerability CVE-2021-40346

Security Advisory Description An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. CVE-2021-40346 Impact There is no...

CVSS 7.5 • AI score 8.1 • EPSS 0.56083
Exploits: 5
F5 Networks
Added 2023/02/21 8:2 p.m. • 29 views

K60924046: Linux kernel vulnerability CVE-2019-12615

Security Advisory Description An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service NULL pointer dereference and system...

CVSS 7.8 • AI score 6.3 • EPSS 0.03574
Exploits: 0
F5 Networks
Added 2023/02/21 8:2 p.m. • 29 views

K55143785: NSS vulnerability CVE-2017-7502

Security Advisory Description Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. CVE-2017-7502 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

CVSS 7.5 • AI score 7.5 • EPSS 0.04302
Exploits: 0
F5 Networks
Added 2023/02/21 8:2 p.m. • 29 views

K03125360: F5 iRules 'RESOLV::lookup' command vulnerability CVE-2020-5941

Security Advisory Description Using the RESOLV::lookup command within an iRule may cause the Traffic Management Microkernel (TMM) to generate a core file and restart. This issue occurs when data exceeding the maximum limit of a host name passes to the RESOLV::lookup command. CVE-2020-5941 Impact Th...

CVSS 7.5 • AI score 7.6 • EPSS 0.01031
Exploits: 0 • Affected Software: 11
F5 Networks
Added 2023/02/21 8:2 p.m. • 29 views

K11274054: GNU C Library vulnerability CVE-2018-6551

Security Advisory Description The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller...

CVSS 9.8 • AI score 9.2 • EPSS 0.02231
Exploits: 0
F5 Networks
Added 2023/02/21 8:1 p.m. • 29 views

K05510205: Linux kernel vulnerability CVE-2018-14678

Security Advisory Description An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usag...

CVSS 7.8 • AI score 6.1 • EPSS 0.00409
Exploits: 0
F5 Networks
Added 2023/02/21 8:0 p.m. • 29 views

K38315305: FreeType vulnerability CVE-2015-9290

Security Advisory Description In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. CVE-2015-9290 Impact A local unprivileged attacker can perform a...

CVSS 9.8 • AI score 9.3 • EPSS 0.02746
Exploits: 1 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:59 p.m. • 29 views

K15274: TCP reassembly vulnerability CVE-2014-3000

Security Advisory Description The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefined memory access and system crash) or possibly read system memory via...

CVSS 7.8 • AI score 6.8 • EPSS 0.12824
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:58 p.m. • 29 views

K65397301: iRules RESOLVER::summarize memory leak vulnerability CVE-2021-23049

Security Advisory Description When the iRules RESOLVER::summarize command is used on a virtual server, undisclosed requests can cause an increase in Traffic Management Microkernel (TMM) memory utilization resulting in an out-of-memory condition and a denial-of-service (DoS). CVE-2021-23049 Impact...

CVSS 7.5 • AI score 7.5 • EPSS 0.0093
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:58 p.m. • 29 views

K5873: PAM conversation stack corruption in OpenSSH - CVE-2003-0787

Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

CVSS 7.5 • AI score 7.9 • EPSS 0.0166
Exploits: 0
F5 Networks
Added 2023/02/21 7:58 p.m. • 29 views

K06440657: BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2021-23001

Security Advisory Description The upload functionality in BIG-IP Advanced WAF and ASM allows an authenticated user to upload files to the BIG-IP system using a call to an undisclosed iControl REST endpoint. CVE-2021-23001 Impact An authenticated malicious user can upload malicious files to use in...

CVSS 4.3 • AI score 5.3 • EPSS 0.00572
Exploits: 0 • Affected Software: 2
F5 Networks
Added 2023/02/21 7:58 p.m. • 29 views

K40625021: BIG-IP APM portal access vulnerability CVE-2018-15310

Security Advisory Description A vulnerability in BIG-IP APM portal access discloses the BIG-IP software version in rewritten pages. CVE-2018-15310 Impact The BIG-IP version may be exposed to users with valid BIG-IP APM portal access sessions. Security Advisory Status F5 Product Development has...

CVSS 4.3 • AI score 4.8 • EPSS 0.00873
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:56 p.m. • 29 views

K12936322: BIG-IP restjavad vulnerability CVE-2020-5912

Security Advisory Description The restjavad process dump command does not follow current best coding practices and may overwrite arbitrary files. CVE-2020-5912 Impact A locally authenticated attacker may exploit this vulnerability by overwriting arbitrary files on the file system. Security Adviso...

CVSS 7.1 • AI score 6.9 • EPSS 0.00321
Exploits: 0 • Affected Software: 14
F5 Networks
Added 2023/02/21 7:56 p.m. • 29 views

K01993501: Linux kernel vulnerability CVE-2016-10906

Security Advisory Description An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. CVE-2016-10906 Impact There is no impact; F5 products are not affected by...

CVSS 7 • AI score 6.3 • EPSS 0.0037
Exploits: 0
F5 Networks
Added 2023/02/21 7:56 p.m. • 29 views

K61643620: BIG-IP TMUI XSS vulnerability CVE-2021-23038

Security Advisory Description A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2021-23038 Impact An authenticated attacker may exploit...

CVSS 9 • AI score 7.5 • EPSS 0.00887
Exploits: 0 • Affected Software: 13
F5 Networks
Added 2023/02/21 7:55 p.m. • 29 views

K15310332: BIG-IP APM open redirect vulnerability CVE-2020-27729

Security Advisory Description An undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI. CVE-2020-27729 Impact An attacker can create a URL with a specially crafted value and trick BIG-IP APM users into visiting the link. Victims may be redirected ...

CVSS 6.1 • AI score 6.2 • EPSS 0.00634
Exploits: 0 • Affected Software: 1
F5 Networks
Added 2023/02/21 7:55 p.m. • 29 views

K77215791: Linux kernel vulnerability CVE-2017-7277

Security Advisory Description The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted syst...

CVSS 7.1 • AI score 6.5 • EPSS 0.00391
Exploits: 0
F5 Networks
Added 2023/02/21 7:55 p.m. • 29 views

K31833420: Multiple Oracle Java SE vulnerabilities

Security Advisory Description CVE-2022-21305 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and...

CVSS 5.3 • AI score 4.7 • EPSS 0.07748
Exploits: 0
F5 Networks
Added 2023/02/21 7:55 p.m. • 29 views

K48209417: PostgreSQL vulnerabilities CVE-2018-10915 and CVE-2018-10925

Security Advisory Description CVE-2018-10915 A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrust...

CVSS 8.5 • AI score 8.1 • EPSS 0.05154
Exploits: 0
F5 Networks
Added 2023/02/21 7:54 p.m. • 29 views

K04154823: Oracle Java SE vulnerability CVE-2019-2426

Security Advisory Description Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

CVSS 4.3 • AI score 5.8 • EPSS 0.02587
Exploits: 0
F5 Networks
Added 2023/02/21 7:53 p.m. • 29 views

K02138183: BIND vulnerability CVE-2016-9147

Security Advisory Description named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets. CVE-2016-9147 Impact When the BIND...

CVSS 7.5 • AI score 7.6 • EPSS 0.4021
Exploits: 0 • Affected Software: 10
F5 Networks
Added 2023/02/21 7:53 p.m. • 29 views

K15939: pl_tree.php XSS vulnerability CVE-2014-9342

Security Advisory Description Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation...

CVSS 4.3 • AI score 5.8 • EPSS 0.02117
Exploits: 0 • Affected Software: 1
Total number of security vulnerabilities: 5000