Bootstrap Os Security Vulnerabilities and Issues — Bootstrap Os CVE List

Lucene search

NetappBootstrap Os

9 matches found

CVE•added 2024/04/11 2:15 p.m.•2972 views

CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which ...

7CVSS6.3AI score0.03733EPSS

CVE•added 2024/12/17 1:15 p.m.•809 views

CVE-2024-50379

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10...

9.8CVSS9.4AI score0.88612EPSS

CVE•added 2024/12/20 4:15 p.m.•654 views

CVE-2024-56337

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensiti...

9.8CVSS6.5AI score0.88612EPSS

CVE•added 2024/07/16 11:15 p.m.•343 views

CVE-2024-21147

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

7.4CVSS7.2AI score0.0037EPSS

CVE•added 2024/09/03 4:15 p.m.•314 views

CVE-2024-6119

Issue summary: Applications performing certificate name checks (e.g., TLSclients checking server certificates) may attempt to read an invalid memoryaddress resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial ofser...

7.5CVSS6.5AI score0.00672EPSS

CVE•added 2024/07/16 11:15 p.m.•299 views

CVE-2024-21140

4.8CVSS5.1AI score0.00193EPSS

CVE•added 2024/04/13 3:15 p.m.•144 views

CVE-2024-32487

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LES...

8.6CVSS9.2AI score0.00171EPSS

CVE•added 2024/12/17 1:15 p.m.•124 views

CVE-2024-54677

Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. Users are recommended to upgrade to ...

5.3CVSS6.5AI score0.06406EPSS

CVE•added 2024/10/15 8:15 p.m.•65 views

CVE-2024-21211

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21...

3.7CVSS3AI score0.00075EPSS