K000148694: nghttp2 vulnerabilities CVE-2023-35945 and CVE-2020-11080
Security Advisory Description CVE-2023-35945 Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RST_STREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of...
K000148693: libssh2 vulnerability CVE-2015-1782
Security Advisory Description The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet. CVE-2015-1782 Impact There is no impact; F5 products are not affected ...
K000148495: libssh vulnerability CVE-2023-1667
Security Advisory Description A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. CVE-2023-1667 Impact This vulnerability may allow an authenticated client to cause a denial-of-service...
K000148691: qt vulnerabilities CVE-2022-25634 and CVE-2020-0570
Security Advisory Description CVE-2022-25634 Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. CVE-2020-0570 Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable...
K000148687: qt vulnerabilities CVE-2018-21035, CVE-2015-1290, CVE-2013-0254, and CVE-2023-43114
Security Advisory Description CVE-2018-21035 In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). CVE-2015-1290 The Google V8...
K000148650: Intel processor vulnerabilities CVE-2024-22185 and CVE-2024-24985
Security Advisory Description CVE-2024-22185 Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-24985 Exposure of resource to wrong sphere in some Intel(R) processor...
K000148649: Apache Commons vulnerability CVE-2024-47554
Security Advisory Description Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0...
K000148646: libarchive vulnerability CVE-2018-1000879
Security Advisory Description libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l that can result in Crash/DoS. This attack appear ...
K000148643: Curl vulnerability CVE-2022-27780
Security Advisory Description The curl URL parser wrongly accepts percent-encoded URL separators like '/' when decoding the host name part of a URL, making it a different URL using the wrong host name when it is later retrieved. For example, a URL like http://example.com%2F127.0.0.1/, would be allow...
K000148640: golang: net/http, x/net/http2 vulnerability CVE-2023-45288
Security Advisory Description An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's...
K000148639: libarchive vulnerabilities CVE-2024-48957 and CVE-2024-48958
Security Advisory Description CVE-2024-48957 execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. CVE-2024-48958 execute_filter_delta in archive_read_support_format_rar.c in libarchive befo...
K000148638: Linux kernel vulnerability CVE-2024-36270
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 1 PREEMPT SMP KASAN PTI KASAN:...
K000148609: Intel vulnerabilities CVE-2024-28885 and CVE-2024-31074
Security Advisory Description CVE-2024-28885 Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. CVE-2024-31074 Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version...
K000148608: Intel Xeon vulnerability CVE-2024-21820
Security Advisory Description Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-21820 Impact There is no impact; F5 products are n...
K000148607: OpenSSL vulnerability CVE-2022-1292
Security Advisory Description The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary comman...
K000148606: Spring vulnerability CVE-2021-22119
Security Advisory Description Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. ...
K000148605: Highlight.js vulnerability CVE-2020-26237
Security Advisory Description Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during...
K000148582: Intel Server Board vulnerabilities CVE-2024-31154, CVE-2024-31158, CVE-2024-39609, CVE-2024-40885, and CVE-2024-41167
Security Advisory Description CVE-2024-31154 Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-31158 Improper input validation in UEFI firmware in some Intel(R) Server Boar...
K000148599: Java vulnerability CVE-2024-21211
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM...
K000148598: pac4j vulnerability CVE-2023-25581
Security Advisory Description pac4j is a security framework for Java. pac4j-core prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled values in attributes of the UserProfile class from pac4j-core. It can be...
K000148584: Intel Xeon Processor vulnerability CVE-2024-23918
Security Advisory Description Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-23918 Impact There is no impact; F5 products are not...
K000148583: Intel QAT Engine for OpenSSL vulnerability CVE-2024-33617
Security Advisory Description Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. CVE-2024-33617 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K000148511: WebKitGTK and WPE WebKit vulnerability CVE-2023-42950
Security Advisory Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...
K000148494: SQLite vulnerability CVE-2020-13631
Security Advisory Description SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. CVE-2020-13631 Impact A local, authenticated attacker with root-level privileges can exploit the vulnerability to modify SQLite files...
K000148479: Linux kernel vulnerability CVE-2023-52881
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guideline...
K000148488: MySQL vulnerabilities CVE-2024-21243 and CVE-2024-21237
Security Advisory Description CVE-2024-21243 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Telemetry. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access...
K000148486: SQLite vulnerabilities CVE-2020-15358, CVE-2020-13632, CVE-2020-13435, and CVE-2020-13434
Security Advisory Description CVE-2020-15358 In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. CVE-2020-13632 ext/fts3/fts3_snippet.c in SQLite before 3.32.0...
K000148485: qt vulnerabilities CVE-2017-10905 and CVE-2014-0190
Security Advisory Description CVE-2017-10905 A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors. CVE-2014-0190 The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of...
K000148484: SQLite vulnerabilities CVE-2019-19645, CVE-2016-6153, and CVE-2015-6607
Security Advisory Description CVE-2019-19645 alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. CVE-2016-6153 os_unix.c in SQLite before 3.13.0 improperly implements the temporary...
K000148483: libssh vulnerabilities CVE-2019-14889 and CVE-2023-3603
Security Advisory Description CVE-2019-14889 A flaw was found with the libssh API function ssh_scp_new in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the librar...
K000148482: Sudo vulnerability CVE-2019-19234
Security Advisory Description In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The...
K000148478: PostgreSQL pgAdmin vulnerability CVE-2024-9014
Security Advisory Description pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. CVE-2024-9014 Impact There is no impact; F...
K000148476: Oracle Java SE vulnerabilities CVE-2024-21217 and CVE-2024-21235
Security Advisory Description CVE-2024-21217 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23;...
K000148467: MySQL vulnerabilities CVE-2024-21262 and CVE-2024-21272
Security Advisory Description CVE-2024-21262 Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/ODBC. Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...
K000148466: MySQL vulnerabilities CVE-2024-21197 and CVE-2024-21193
Security Advisory Description CVE-2024-21197 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged...
K000148465: Spring framework vulnerability CVE-2024-38816
Security Advisory Description Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process i...
K000141313: OpenSSL vulnerability CVE-2024-2511
Security Advisory Description Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem...
K000148436: Linux kernel vulnerabilities CVE-2020-36558, CVE-2023-2002, CVE-2023-4622, and CVE-2023-4623
Security Advisory Description CVE-2020-36558 A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. CVE-2023-2002 A vulnerability was found in the HCI sockets implementation due to a missing capability check in...
K000148421: Multiple Shim vulnerabilities
Security Advisory Description CVE-2023-40546 A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match th...
K000148232: NGINX OpenID Connect vulnerability CVE-2024-10318
Security Advisory Description A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at login time. This flaw allows an attacker to fix a victim's session to an attacker-controlled account. As a result, although the attacker...
K000148401: libxml2 vulnerability CVE-2024-34459
Security Advisory Description An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. CVE-2024-34459 Impact There is no impact; F5 products ar...
K000148382: Apache Tomcat Connectors vulnerability CVE-2024-46544
Security Advisory Description Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors:...
K000148381: Node.js vulnerability CVE-2021-22883
Security Advisory Description Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the...
K000148380: MySQL vulnerability CVE-2024-21204
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PS. Supported versions that are affected are 8.4.0 and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
K000148379: MySQL vulnerability CVE-2024-21196
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access...
K000148378: Kerberos vulnerability CVE-2024-26461
Security Advisory Description Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. CVE-2024-26461 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the...
K000148362: MySQL vulnerability CVE-2024-21203
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
K000148354: Apache vulnerability CVE-2024-40725
Security Advisory Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source...
K000148343: Diffie-Hellman key exchange protocol vulnerability CVE-2024-41996
Security Advisory Description Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client...
K000148351: PostgreSQL vulnerabilities CVE-2017-15098, CVE-2017-14798, CVE-2016-7048, CVE-2016-5424, and CVE-2016-5423
Security Advisory Description CVE-2017-15098 Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...