6294 matches found

F5 Networks
•added 2024/02/14 1:33 p.m.•48 views

K000138444: NGINX HTTP/3 QUIC vulnerability CVE-2024-24989

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. CVE-2024-24989 Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information,...

CVSS 7.5 • AI score 7.7 • EPSS 0.01061
Exploits: 0 • Affected Software: 2
F5 Networks
•added 2024/02/14 1:33 p.m.•33 views

K000137522: BIG-IP iControl REST vulnerability CVE-2024-22093

Security Advisory Description When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. A successful exploit can allow the attacker to cross a security boundary. CVE-2024-22093 Impact This...

CVSS 8.7 • AI score 8.8 • EPSS 0.00835
Exploits: 0 • Affected Software: 12
F5 Networks
•added 2024/02/14 1:32 p.m.•30 views

K000137416: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2024-23308

Security Advisory Description When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based...

CVSS 7.5 • AI score 7.6 • EPSS 0.00515
Exploits: 0 • Affected Software: 2
F5 Networks
•added 2024/02/14 1:30 p.m.•27 views

K000138047: BIG-IP Advanced WAF and BIG-IP ASM Configuration utility vulnerability CVE-2024-23603

Security Advisory Description A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. CVE-2024-23603 Impact A highly privileged authenticated attacker can exploit this vulnerability to execute malicious SQL statements through the BIG-IP Configuration...

CVSS 3.8 • AI score 5.7 • EPSS 0.00302
Exploits: 0 • Affected Software: 2
F5 Networks
•added 2024/02/14 1:29 p.m.•31 views

K000134516: BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability CVE-2024-23979

Security Advisory Description When an SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. CVE-2024-23979 Impact System performance can...

CVSS 7.5 • AI score 7.6 • EPSS 0.00342
Exploits: 0 • Affected Software: 12
F5 Networks
•added 2024/02/14 1:28 p.m.•21 views

K000133111: F5OS vulnerability CVE-2024-24966

Security Advisory Description When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. CVE-2024-24966 Impact This vulnerability may allow an LDAP authenticated attacker to bypass intended access restrictions. There is no data...

CVSS 6.2 • AI score 6.6 • EPSS 0.00203
Exploits: 0 • Affected Software: 2
F5 Networks
•added 2024/02/14 1:26 p.m.•33 views

K000135873: BIG-IP Websockets vulnerability CVE-2024-21849

Security Advisory Description When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) process to terminate. CVE-2024-21849 Impact Traffic is disrupted while the TMM process restarts...

CVSS 7.5 • AI score 7.6 • EPSS 0.00515
Exploits: 0 • Affected Software: 2
F5 Networks
•added 2024/02/14 1:19 p.m.•34 views

K000137595: BIG-IP AFM signature matching vulnerability CVE-2024-21771

Security Advisory Description For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption. CVE-2024-21771 Impact When attackers exploit this...

CVSS 7.5 • AI score 7.5 • EPSS 0.00515
Exploits: 0 • Affected Software: 2
F5 Networks
•added 2024/02/14 1:17 p.m.•28 views

K000132800: F5OS QKView utility vulnerability CVE-2024-23607

Security Advisory Description A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside the QKView directory. CVE-2024-23607 Impact An authenticated attacker may exploit this vulnerability by executing a crafted QKView utilit...

CVSS 5.5 • AI score 5.5 • EPSS 0.00499
Exploits: 0 • Affected Software: 2
F5 Networks
•added 2024/02/14 1:14 p.m.•42 views

K32544615: BIG-IP iControl REST API vulnerability CVE-2024-22389

Security Advisory Description When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the change does not sync to the peer device. CVE-2024-22389 Impact This vulnerability may allow a high privileged remote authenticated attacker to use deleted or updated API...

CVSS 7.2 • AI score 6.9 • EPSS 0.00497
Exploits: 0 • Affected Software: 12
F5 Networks
•added 2024/02/13 7:5 p.m.•43 views

K000138600: Python vulnerability CVE-2023-43804

Security Advisory Description urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a Cookie heade...

CVSS 8.1 • AI score 6.9 • EPSS 0.01207
Exploits: 0
F5 Networks
•added 2024/02/12 10:46 p.m.•59 views

K000138586: Node.js c-ares vulnerability CVE-2023-31130

Security Advisory Description c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would...

CVSS 6.4 • AI score 6.7 • EPSS 0.0033
Exploits: 0
F5 Networks
•added 2024/02/12 9:34 p.m.•58 views

K000138582: TorchServe vulnerability CVE-2023-43654

Security Advisory Description TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage ...

CVSS 10 • AI score 9.2 • EPSS 0.35256
Exploits: 6
F5 Networks
•added 2024/02/12 9:47 a.m.•51 views

K000138577: Python-asyncssh vulnerability CVE-2023-46446

Security Advisory Description An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack." CVE-2023-46446 Impact There is no impact; F5 products are not affected by this...

CVSS 6.8 • AI score 7.7 • EPSS 0.00867
Exploits: 0
F5 Networks
•added 2024/02/12 9:44 a.m.•40 views

K000138576: Python-asyncssh vulnerability CVE-2023-46445

Security Advisory Description An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation." CVE-2023-46445 Impact There is no impact; F5 products are not affected by this vulnerability...

CVSS 5.9 • AI score 7.2 • EPSS 0.00586
Exploits: 0
F5 Networks
•added 2024/02/07 4:56 p.m.•34 views

K000138517: Python-Pillow vulnerability CVE-2023-44271

Security Advisory Description An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an...

CVSS 7.5 • AI score 6.5 • EPSS 0.01038
Exploits: 0
F5 Networks
•added 2024/02/07 5:6 a.m.•41 views

K000138511: Linux kernel vulnerability CVE-2023-38427

Security Advisory Description An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts. CVE-2023-38427 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

CVSS 9.8 • AI score 6.5 • EPSS 0.01129
Exploits: 0
F5 Networks
•added 2024/02/06 8:52 p.m.•38 views

K000138509: ftpd vulnerabilities CVE-1999-0082 and CVE-1999-0201

Security Advisory Description CVE-1999-0082 CWD root command in ftpd allows root access. CVE-1999-0201 A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. Impact There is no impact; F5 products are not affected by these vulnerabilities. Security...

CVSS 10 • AI score 6.8 • EPSS 0.08027
Exploits: 0
F5 Networks
•added 2024/02/06 8:47 p.m.•39 views

K000138508: mod_ssl vulnerability CVE-2004-0700

Security Advisory Description Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are...

CVSS 7.5 • AI score 7.2 • EPSS 0.05802
Exploits: 0
F5 Networks
•added 2024/02/02 8:18 a.m.•41 views

K000138462: Oracle Java vulnerabilities CVE-2024-20922, CVE-2024-20923

Security Advisory Description CVE-2024-20922 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to...

CVSS 3.1 • AI score 4.4 • EPSS 0.00601
Exploits: 0
F5 Networks
•added 2024/02/02 5:49 a.m.•34 views

K000138461: MIT Kerberos 5 vulnerability CVE-2023-39975

Security Advisory Description kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. CVE-2023-39975 Impact There is no impact...

CVSS 8.8 • AI score 7.2 • EPSS 0.01229
Exploits: 0
F5 Networks
•added 2024/02/02 5:38 a.m.•74 views

K000138460: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2024-20960 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: RAPID. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVSS 6.5 • AI score 4.8 • EPSS 0.01539
Exploits: 0
F5 Networks
•added 2024/02/01 10:10 p.m.•51 views

K000138452: Intel CPU BIOS vulnerabilities CVE-2023-25756 and CVE-2023-22329

Security Advisory Description CVE-2023-25756 Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access. CVE-2023-22329 Improper input validation in the BIOS firmware for some Intel(R) Processo...

CVSS 8 • AI score 5.7 • EPSS 0.00403
Exploits: 0
F5 Networks
•added 2024/01/31 6:39 p.m.•46 views

K000138426: glibc vulnerabilities CVE-2023-6246, CVE-2023-6779, and CVE-2023-6780

Security Advisory Description CVE-2023-6246 A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set t...

CVSS 8.4 • AI score 6.9 • EPSS 0.04794
Exploits: 9
F5 Networks
•added 2024/01/31 5:27 p.m.•32 views

K000138425: SQLite vulnerability CVE-2023-7104

Security Advisory Description A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow...

CVSS 7.3 • AI score 5.7 • EPSS 0.01249
Exploits: 1
F5 Networks
•added 2024/01/29 5:4 p.m.•59 views

K000138392: Apache Tomcat vulnerability CVE-2024-21733

Security Advisory Description Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which...

CVSS 5.3 • AI score 7.3 • EPSS 0.14286
Exploits: 3
F5 Networks
•added 2024/01/17 4:30 a.m.•165 views

K000138264: SSH vulnerability CVE-2023-48795

Security Advisory Description The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may...

CVSS 5.9 • AI score 7.6 • EPSS 0.93305
Exploits: 4 • Affected Software: 3
F5 Networks
•added 2024/01/17 4:19 a.m.•55 views

K000138242: OpenSSL vulnerability CVE-2023-5678

Security Advisory Description Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise,...

CVSS 5.3 • AI score 6.5 • EPSS 0.04459
Exploits: 0 • Affected Software: 23
F5 Networks
•added 2024/01/17 3:50 a.m.•46 views

K000138178: Apache Tomcat vulnerability CVE-2023-42795

Security Advisory Description Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to...

CVSS 5.3 • AI score 8 • EPSS 0.0216
Exploits: 1 • Affected Software: 13
F5 Networks
•added 2024/01/16 8:8 p.m.•41 views

K000138255: Go OpenTelemetry Contrib vulnerability CVE-2023-47108

Security Advisory Description OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

CVSS 7.5 • AI score 6.3 • EPSS 0.01579
Exploits: 0
F5 Networks
•added 2024/01/13 12:6 a.m.•32 views

K000138219: libssh2 vulnerability CVE-2020-22218

Security Advisory Description An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. CVE-2020-22218 Impact An attacker may be able to cause disclosure of information from process memory. Security Advisory Status F5 Product Developme...

CVSS 7.5 • AI score 7 • EPSS 0.00914
Exploits: 0 • Affected Software: 15
F5 Networks
•added 2024/01/11 5:25 p.m.•44 views

K000138199: Apache Superset vulnerability CVE-2023-27524

Security Advisory Description Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This...

CVSS 9.8 • AI score 8.2 • EPSS 0.97405
Exploits: 20
F5 Networks
•added 2024/01/11 5:22 p.m.•40 views

K000138198: OpenSSL vulnerability CVE-2023-6129

Security Advisory Description Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influenc...

CVSS 6.5 • AI score 7.1 • EPSS 0.02323
Exploits: 0
F5 Networks
•added 2024/01/10 1:47 a.m.•32 views

K000138177: OpenSSL vulnerability CVE-2023-5363

Security Advisory Description Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in...

CVSS 7.5 • AI score 6.8 • EPSS 0.03332
Exploits: 0
F5 Networks
•added 2024/01/02 5:8 p.m.•35 views

K000138114: open-vm-tools vulnerability CVE-2023-34058

Security Advisory Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges (https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html) in a target virtu...

CVSS 7.5 • AI score 6.3 • EPSS 0.00667
Exploits: 0
F5 Networks
•added 2024/01/02 12:56 a.m.•65 views

K000138103: Oracle Java SE vulnerabilities CVE-2023-22067 and CVE-2023-22081

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable...

CVSS 5.3 • AI score 4.8 • EPSS 0.014
Exploits: 0
F5 Networks
•added 2023/12/27 7:3 p.m.•48 views

K000138057: mod_ssl vulnerabilities CVE-2002-1157 and CVE-2002-0653

Security Advisory Description CVE-2002-1157 Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on...

CVSS 7.8 • AI score 7.5 • EPSS 0.09701
Exploits: 0
F5 Networks
•added 2023/12/27 6:24 p.m.•29 views

K000138056: Wireshark vulnerability CVE-2018-14438

Security Advisory Description In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. CVE-2018-14438 Impact There is no impact; F5 products are not...

CVSS 7.5 • AI score 7.5 • EPSS 0.012
Exploits: 0
F5 Networks
•added 2023/12/27 6:19 a.m.•28 views

K000138050: Apache Tomcat vulnerability CVE-2023-41081

Security Advisory Description Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied...

CVSS 7.5 • AI score 7.3 • EPSS 0.01257
Exploits: 0
F5 Networks
•added 2023/12/19 8:15 p.m.•35 views

K000137966: Apache Tomcat vulnerability CVE-2023-42794

Security Advisory Description Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Window...

CVSS 5.9 • AI score 7.2 • EPSS 0.01854
Exploits: 0 • Affected Software: 1
F5 Networks
•added 2023/12/19 5:50 p.m.•40 views

K000137969: OpenSSL vulnerability CVE-2023-3817

Security Advisory Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters tha...

CVSS 5.3 • AI score 6.6 • EPSS 0.02577
Exploits: 0
F5 Networks
•added 2023/12/19 5:43 p.m.•41 views

K000137965: Apache Tomcat vulnerability CVE-2023-45648

Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid...

CVSS 5.3 • AI score 7.8 • EPSS 0.05848
Exploits: 2 • Affected Software: 1
F5 Networks
•added 2023/12/18 4:14 p.m.•51 views

K000137926: Apache Tomcat vulnerability CVE-2023-46589

Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded...

CVSS 7.5 • AI score 7.7 • EPSS 0.02651
Exploits: 0 • Affected Software: 1
F5 Networks
•added 2023/12/18 5:5 a.m.•33 views

K000137940: Multiple Oracle MySQL vulnerabilities

Security Advisory Description CVE-2023-22015 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access...

CVSS 4.9 • AI score 5 • EPSS 0.00891
Exploits: 0
F5 Networks
•added 2023/12/15 6:8 p.m.•40 views

K000137931: Apache Struts vulnerability CVE-2023-50164

Security Advisory Description An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts...

CVSS 9.8 • AI score 9.4 • EPSS 0.80819
Exploits: 15
F5 Networks
•added 2023/12/12 7:49 p.m.•33 views

K000137887: Oracle GraalVM vulnerability CVE-2023-22091

Security Advisory Description Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3...

CVSS 4.8 • AI score 3.9 • EPSS 0.00365
Exploits: 0
F5 Networks
•added 2023/12/11 10:21 p.m.•36 views

K000137875: PostgreSQL vulnerability CVE-2018-1058

Security Advisory Description A flaw was found in the way PostgreSQL allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected...

CVSS 8.8 • AI score 7.4 • EPSS 0.14142
Exploits: 1
F5 Networks
•added 2023/12/11 9:50 p.m.•29 views

K000137871: Linux kernel vulnerability CVE-2023-35001

Security Advisory Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace CVE-2023-35001 Impact This vulnerability may allow an authenticated attacker with local access to...

CVSS 7.8 • AI score 7.4 • EPSS 0.02154
Exploits: 2 • Affected Software: 1
F5 Networks
•added 2023/12/11 6:4 a.m.•52 views

K000137864: Squid vulnerabilities CVE-2023-46846, CVE-2023-46847, CVE-2023-46848

Security Advisory Description CVE-2023-46846 SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. CVE-2023-46847 Squid is vulnerable to a Denial of Service,...

CVSS 9.3 • AI score 7.5 • EPSS 0.85944
Exploits: 0
F5 Networks
•added 2023/12/05 6:33 p.m.•28 views

K000137798: Dbus Subscription Manager vulnerability CVE-2023-3899

Security Advisory Description A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By usi...

CVSS 7.8 • AI score 8.3 • EPSS 0.00253
Exploits: 0
Total number of security vulnerabilities: 6294