Latest netapp hci compute node Vulnerabilities

CVE-2022-45061
A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder ...
redhat/python3<0:3.6.8-48.el8_7.1
redhat/python3.9<0:3.9.14-1.el9_1.2
IBM Cloud Pak for Security<=1.10.0.0 - 1.10.11.0
IBM QRadar Suite Software<=1.10.12.0 - 1.10.16.0
redhat/python<3.11.1
redhat/python<3.10.9
and 51 more
CVE-2022-43680
Apache OpenOffice: "Use after free" fixed in libexpat
debian/expat<=2.2.6-2+deb10u4
debian/expat<=2.2.10-2<=2.4.9-1
redhat/expat<0:2.2.5-10.el8_7.1
redhat/expat<0:2.4.9-1.el9_1.1
redhat/expat<2.5.0
Google Android
and 33 more
CVE-2022-35252
A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTP(S) server, where it accepts cookies using control codes (byte values below 32), a...
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.61.1-30.el8
redhat/curl<0:7.76.1-23.el9
Apple macOS Ventura<13.1
Apple macOS Monterey<12.6.3
and 33 more
CVE-2022-37434
A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call in...
redhat/zlib<0:1.2.7-21.el7_9
redhat/zlib<0:1.2.11-19.el8_6
redhat/rsync<0:3.1.3-19.el8
redhat/zlib<0:1.2.11-32.el9_0
redhat/rsync<0:3.2.3-18.el9
debian/zlib<=1:1.2.11.dfsg-1<=1:1.2.11.dfsg-4<=1:1.2.11.dfsg-2+deb11u1
and 63 more
CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-...
redhat/kernel-rt<0:4.18.0-425.3.1.rt7.213.el8
redhat/kernel<0:4.18.0-425.3.1.el8
redhat/kernel<0:5.14.0-162.6.1.el9_1
redhat/kernel-rt<0:5.14.0-162.6.1.rt21.168.el9_1
Linux Linux kernel>=2.6.14<4.9.326
Linux Linux kernel>=4.10<4.14.291
and 132 more
CVE-2022-21549
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle Graal...
debian/openjdk-17
Oracle GraalVM=21.3.2
Oracle GraalVM=22.1.0
Oracle JDK=17.0.3.1
Oracle JRE=17.0.3.1
Azul Zulu=17.34
and 12 more
CVE-2022-21541
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 154 more
CVE-2022-34169
Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets
debian/bcel<=6.2-1
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
maven/xalan:xalan<2.7.3
Apache Xalan-Java<=2.7.2
and 158 more
CVE-2022-21540
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown atta...
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 155 more
CVE-2022-2047
Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By sending a specially-crafted request, an attacker could exploit this...
Eclipse Jetty<9.4.46
Eclipse Jetty>=10.0.0<10.0.9
Eclipse Jetty>=11.0.0<=11.0.9
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Netapp Element Plug-in For Vcenter Server
and 6 more
CVE-2022-2048
### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the...
redhat/jenkins<0:2.401.1.1686831596-3.el8
redhat/jenkins<0:2.361.1.1672840472-1.el8
redhat/jenkins<0:2.361.1.1675668150-1.el8
maven/org.eclipse.jetty.http2:http2-server>=11.0.0<11.0.10
maven/org.eclipse.jetty.http2:http2-server>=10.0.0<10.0.10
maven/org.eclipse.jetty.http2:http2-server<9.4.47
and 14 more
CVE-2022-32208
curl. Multiple issues were addressed by updating to curl version 7.84.0.
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.61.1-22.el8_6.4
redhat/curl<0:7.76.1-14.el9_0.5
debian/curl<=7.64.0-4+deb10u2
Apple macOS Ventura<13
and 33 more
CVE-2022-32207
curl. Multiple issues were addressed by updating to curl version 7.84.0.
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.76.1-14.el9_0.5
debian/curl
Apple macOS Ventura<13
redhat/curl<7.84.0
and 31 more
CVE-2022-32206
A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited nu...
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.61.1-22.el8_6.4
redhat/curl<0:7.61.1-18.el8_4.3
redhat/curl<0:7.76.1-14.el9_0.5
debian/curl<=7.64.0-4+deb10u2
and 57 more
CVE-2022-2068
OpenSSL could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the c_rehash script. By sending a specially-crafted request u...
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el8
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el7
redhat/openssl<1:1.1.1k-7.el8_6
redhat/openssl<1:3.0.1-41.el9_0
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el7
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el8
and 95 more
CVE-2022-30115
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host...
Haxx Curl>=7.82.0<7.83.1
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
NetApp Clustered Data ONTAP
Netapp Solidfire\, Enterprise Sds \& Hci Storage Node
Netapp Solidfire \& Hci Management Node
and 21 more
CVE-2022-27779
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt w...
Haxx Curl>=7.82.0<7.83.1
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
NetApp Clustered Data ONTAP
Netapp Solidfire\, Enterprise Sds \& Hci Storage Node
Netapp Solidfire \& Hci Management Node
and 22 more
CVE-2022-27780
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.Fo...
Haxx Curl>=7.80.0<7.83.1
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
NetApp Clustered Data ONTAP
Netapp Solidfire\, Enterprise Sds \& Hci Storage Node
Netapp Solidfire \& Hci Management Node
and 21 more
CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
Haxx Curl=7.83.0
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Active Iq Unified Manager Windows
NetApp Clustered Data ONTAP
NetApp OnCommand Insight
NetApp OnCommand Workflow Automation
and 27 more
CVE-2022-1678
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
Linux Linux kernel>=4.18<=4.19
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Cloud Volumes Ontap Mediator
NetApp E-Series SANtricity OS Controller>=11.0<=11.70.2
Netapp Element Software
Netapp Hci Management Node
and 20 more
CVE-2022-30594
A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag, possibly disabling seccomp.
Linux Linux kernel<4.19.238
Linux Linux kernel>=4.20<5.4.189
Linux Linux kernel>=5.5.0<5.10.110
Linux Linux kernel>=5.11<5.15.33
Linux Linux kernel>=5.16.0<5.16.19
Linux Linux kernel>=5.17<5.17.2
and 190 more
CVE-2022-27781
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make lib...
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
debian/curl<=7.64.0-4+deb10u2
redhat/curl<7.83.1
Haxx Curl<7.83.1
Debian Debian Linux=10.0
and 28 more
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was aut...
debian/curl<=7.64.0-4+deb10u2
debian/curl<=7.82.0-2<=7.74.0-1.3+deb11u1<=7.64.0-4+deb10u2
Haxx Curl>=7.33.0<7.83.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
NetApp Clustered Data ONTAP
and 26 more
CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is u...
debian/curl<=7.64.0-4+deb10u2
debian/curl<=7.64.0-4+deb10u2<=7.74.0-1.3+deb11u1<=7.82.0-2
Haxx Curl>=4.9<=7.82.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Netapp Hci Bootstrap Os
and 26 more
CVE-2022-27775
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a conne...
debian/curl
debian/curl<=7.74.0-1.3+deb11u1<=7.82.0-2
Haxx Curl>=7.65.0<=7.82.0
Debian Debian Linux=11.0
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
and 25 more
CVE-2022-27776
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
debian/curl<=7.64.0-4+deb10u2
debian/curl<=7.74.0-1.3+deb11u1<=7.64.0-4+deb10u2<=7.82.0-2
Haxx Curl<7.83.0
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Debian Debian Linux=10.0
and 28 more
CVE-2022-21496
An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 48 more
CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14,...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el8_5
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_1
and 168 more
CVE-2022-21449
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact...
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.7-1.el9_0
debian/openjdk-17
IBM Cognos Command Center<=10.2.4.1
Oracle GraalVM=21.3.1
Oracle GraalVM=22.0.0.2
and 20 more
CVE-2022-21443
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown att...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 50 more
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
redhat/kernel-rt<0:4.18.0-425.3.1.rt7.213.el8
redhat/kernel<0:4.18.0-425.3.1.el8
redhat/kernel<0:5.14.0-162.6.1.el9_1
redhat/kernel-rt<0:5.14.0-162.6.1.rt21.168.el9_1
Linux Linux kernel>=5.1<5.4.196
Linux Linux kernel>=5.5<5.10.117
and 166 more
CVE-2022-28796
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
Linux Linux kernel>=5.17<5.17.1
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Fedoraproject Fedora=35
Netapp Active Iq Unified Manager Vsphere
Netapp Solidfire\, Enterprise Sds \& Hci Storage Node
and 19 more
CVE-2020-36516
A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack (MITM) performs an IP fragmentation attack and an IPID collision. This flaw allow...
redhat/kernel-rt<0:4.18.0-425.3.1.rt7.213.el8
redhat/kernel<0:4.18.0-425.3.1.el8
redhat/kernel<0:5.14.0-162.6.1.el9_1
redhat/kernel-rt<0:5.14.0-162.6.1.rt21.168.el9_1
ubuntu/linux<4.15.0-176.185
ubuntu/linux<5.4.0-109.123
and 204 more
CVE-2022-23308
A flaw was found in libxml2. A call to the xmlGetID function can return a pointer already freed when parsing an XML document with the XML_PARSE_DTDVALID option and without the XML_PARSE_NOENT option, ...
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-11.el8
and 75 more
CVE-2022-0492
A vulnerability was found in cgroup_release_agent_write in kernel/cgroup/cgroup-v1.c in the Linux kernel. In this flaw, under certain circumstances, the cgroups v1 release_agent feature can be used t...
redhat/kernel<0:2.6.32-754.47.1.el6
redhat/kernel-rt<0:3.10.0-1160.66.1.rt56.1207.el7
redhat/kernel<0:3.10.0-1160.66.1.el7
redhat/kernel<0:3.10.0-514.101.1.el7
redhat/kernel<0:3.10.0-693.103.1.el7
redhat/kernel<0:3.10.0-957.94.1.el7
and 214 more
CVE-2021-4209
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of ...
redhat/gnutls<3.7.3
Gnu Gnutls<3.7.3
Redhat Enterprise Linux=8.0
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Solidfire \& Hci Management Node
Netapp Hci Bootstrap Os
and 1 more
CVE-2021-4203
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.57.1.rt7.129.el8_4
redhat/kernel<0:4.18.0-305.57.1.el8_4
Linux Linux kernel<5.15
Linux Linux kernel=5.15
and 175 more
CVE-2021-3772
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used an...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
ubuntu/linux<4.15.0-184.194
ubuntu/linux<5.4.0-117.132
ubuntu/linux<5.13.0-28.31
ubuntu/linux<5.15
and 195 more
CVE-2021-3753
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_io...
Linux Linux kernel<5.15
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Apple iPadOS
Netapp Element Software
Netapp Hci Management Node
and 172 more
CVE-2021-20322
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw all...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.49.1.rt7.121.el8_4
redhat/kernel<0:4.18.0-305.49.1.el8_4
redhat/kernel<5.15
ubuntu/linux-aws<4.15.0-1119.127
and 186 more
CVE-2021-38199
fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arrang...
Linux Linux kernel<5.13.4
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
Netapp Hci Management Node
Netapp Solidfire
Netapp Element Software
and 125 more
CVE-2021-38203
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of fre...
Linux Linux kernel<5.13.4
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
Netapp Hci Management Node
Netapp Solidfire
Netapp Element Software
and 72 more
CVE-2021-38202
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is bein...
Linux Linux kernel<5.13.4
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
Netapp Hci Management Node
Netapp Solidfire
Netapp Element Software
and 72 more
CVE-2021-38160
** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer s...
Linux Linux kernel<5.13.4
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
Netapp Hci Management Node
Netapp Solidfire
Netapp Element Software
and 130 more
CVE-2021-38201
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.
redhat/kernel-rt<0:4.18.0-305.17.1.rt7.89.el8_4
redhat/kernel<0:4.18.0-305.17.1.el8_4
Linux Linux kernel<5.13.4
Netapp Hci Bootstrap Os
Netapp Hci Compute Node
Netapp Hci Management Node
and 91 more
CVE-2021-22897
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The se...
Haxx Curl>=7.61.0<=7.76.1
Oracle Communications Cloud Native Core Binding Support Function=1.11.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment=1.10.0
Oracle Communications Cloud Native Core Network Repository Function=1.15.0
Oracle Communications Cloud Native Core Network Repository Function=1.15.1
Oracle Communications Cloud Native Core Network Slice Selection Function=1.8.0
and 45 more
CVE-2021-45485
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that ...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.65.1.rt7.137.el8_4
redhat/kernel<0:4.18.0-305.65.1.el8_4
Linux Linux kernel<5.13.3
NetApp E-Series SANtricity OS Controller
and 191 more
CVE-2021-22901
A use-after-free flaw was found in the way curl handled TLS session data. The curl versions using the OpenSSL library as their TLS backend could use freed memory after TLS session renegotiation was pe...
redhat/jbcs-httpd24<0:1-18.el8
redhat/jbcs-httpd24-apr<0:1.6.3-105.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-82.el8
redhat/jbcs-httpd24-brotli<0:1.0.6-40.el8
redhat/jbcs-httpd24-curl<0:7.77.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-74.el8
and 68 more
CVE-2021-2161
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact...
IBM DRM<=2.0.6
Oracle JDK=1.7.0-update291
Oracle JDK=1.8.0-update281
Oracle JDK=11.0.10
Oracle JDK=16.0.0
Oracle JRE=1.8.0-update281
and 140 more
CVE-2021-2163
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact...
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Sterling Secure Proxy<=6.0.3
Oracle JDK=1.7.0-update291
Oracle JDK=1.8.0-update281
and 131 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203