7 matches found
CVE-2023-50782
CVE-2023-50782 affects the python-cryptography library across multiple Linux distributions. The underlying issue is a Bleichenbacher timing/PKCS#1 v1.5 RSA decryption handling flaw that could allow a remote attacker to decrypt TLS RSA-exchange messages, potentially exposing confidential data. Aff...
CVE-2022-3644
CVE-2022-3644 affects the collection remote for pulp_ansible, where tokens are stored in plaintext instead of pulp’s encrypted field and are exposed in read/write mode via the API rather than being write-only. This leads to potential disclosure of sensitive tokens (confidentiality impact per the ...
CVE-2023-50781
CVE-2023-50781 affects the Python m2crypto library and relates to Bleichenbacher timing attacks against RSA decryption, enabling potential remote decryption of TLS traffic that uses RSA key exchanges. The vulnerability is tied to m2crypto’s RSA decryption API, with references noting this as an in...
CVE-2026-48864
CVE-2026-48864 affects libsolv. The issue is a heap buffer overflow during decompression of attacker-controlled data in .solv files, caused by insufficient input validation in repopagestore. This can lead to out-of-bounds memory access with potential information disclosure, alteration of program ...
CVE-2013-4518
Affected product: RHUI (Red Hat Update Infrastructure) 2.1.3. The vulnerability involves world‑readable PKI entitlement certificates, enabling information disclosure of sensitive PKI data. Root cause details are not fully specified in the provided documents, but the CNVD entry explicitly notes an...
CVE-2026-9150
Libsolv contains a stack-based buffer overflow in the Debian metadata parser when processing specially crafted Debian repository metadata. The vulnerability is triggered by malicious SHA384/SHA512 checksum tags, causing memory corruption and a denial of service. Affected component: libsolv’s Debi...
CVE-2026-9149
The CVE-2026-9149 entry describes a heap buffer overflow in libsolv, triggered when processing a crafted .solv file that contains negative size values fed to the repo_add_solv function. This results in an undersized allocation followed by an out-of-bounds write, enabling a potential denial of ser...