Security Bulletin
Summary
Multiple vulnerabilities were addressed in IBM Rapid Infrastructure Automation v1.1.5
Vulnerability Details
CVEID: CVE-2024-47875
DESCRIPTION: DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source: GitHub
CVSS Base score: 10
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H)
CVEID: CVE-2021-23343
DESCRIPTION: path-parse is vulnerable to a denial of service. By sending a specially-crafted request via splitDeviceRe, splitTailRe, and splitPathRe regular expressions, a remote attacker could exploit this vulnerability to cause a regular expression denial of service (ReDoS).
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2023-0833
DESCRIPTION: Red Hat AMQ-Streams could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in OKHttp componen. By sending a specially crafted request, an attacker could exploit this vulnerability to access information outside of their regular permissions.
CWE: CWE-209: Generation of Error Message Containing Sensitive Information
CVSS Source: IBM X-Force
CVSS Base score: 6.2
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2022-23806
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw with IsOnCurve function returns true for invalid field elements. By sending a specially-crafted request, an attacker could exploit this vulnerability to causes a panic in ScalarMult, and results in a denial of condition.
CWE: CWE-252: Unchecked Return Value
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-24538
DESCRIPTION: Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them, since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.
CWE: CWE-94: Improper Control of Generation of Code ('Code Injection')
CVSS Source: IBM X-Force
CVSS Base score: 9.8
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2023-24540
DESCRIPTION: Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.
CWE: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVSS Source: IBM X-Force
CVSS Base score: 9.8
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-55565
DESCRIPTION: nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.
CWE: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVSS Source: CISA ADP
CVSS Base score: 4.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2021-3114
DESCRIPTION: An unspecified error with the P224() Curve implementation can generate incorrect outputs in Golang Go has an unknown impact and attack vector.
CWE: CWE-682: Incorrect Calculation
CVSS Source: IBM X-Force
CVSS Base score: 4
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2021-34558
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the failure to properly assert that the type of public key in an X.509 certificate matches the expected type in the crypto/tls package. By persuading a victim to connect to a specially-crafted TLS server, a remote attacker could exploit this vulnerability to cause a TLS client to panic.
CWE: CWE-295: Improper Certificate Validation
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-44717
DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by an error in the syscall.ForkExec() interface. By causing the erroneous closing of file descriptor 0 after file-descriptor exhaustion, an attacker could exploit this vulnerability to compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().
CWE: CWE-404: Improper Resource Shutdown or Release
CVSS Source: IBM X-Force
CVSS Base score: 4.8
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID: CVE-2022-1705
DESCRIPTION: Golang Go is vulnerable to HTTP request smuggling, caused by a flaw with accepting of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CWE: CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID: CVE-2022-1962
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a stack exhaustion flaw in all Parse* functions. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a panic, and results in a denial of service condition.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 6.2
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-29526
DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused by a flaw in the Faccessat function when called with a non-zero flags parameter. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain accessible file information, and use this information to launch further attacks against the affected system.
CWE: CWE-269: Improper Privilege Management
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2022-41717
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when handling HTTP/2 requests in the Go server. By sending a specially-crafted keys, a remote attacker could exploit this vulnerability to cause excessive memory growth, and results in a denial of service condition.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2023-24532
DESCRIPTION: An unspecified error with return an incorrect result in the ScalarMult and ScalarBaseMult methods of the P256 Curve in Golang Go has an unknown impact and attack vector.
CWE: CWE-682: Incorrect Calculation
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2023-29406
DESCRIPTION: Golang Go is vulnerable to HTTP header injection, caused by improper contents validation of Host header by the HTTP/1 client. By persuading a victim to visit a specially crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
CWE: CWE-436: Interpretation Conflict
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
CVEID: CVE-2023-29409
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, an remote attacker could exploit this vulnerability to cause a client/server to expend significant CPU time verifying signatures, and results in a denial of service condition.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 5.7
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-43138
DESCRIPTION: Async could allow a remote attacker to execute arbitrary code on the system, caused by prototype pollution in the mapValues() method. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source: IBM X-Force
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID: CVE-2022-30629
DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused by an issue with session tickets generated by crypto/tls did not contain a randomly generated ticket_age_add. By comparing ticket ages during session resumption, an attacker could exploit this vulnerability to observe TLS handshakes information to correlate successive connections.
CWE: CWE-330: Use of Insufficiently Random Values
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2023-0842
DESCRIPTION: xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the __proto__ property to be edited.
CWE: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2020-7677
DESCRIPTION: Node.js thenify module could allow a remote attacker to execute arbitrary code on the system, caused by improper sanitization in eval function. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Source: IBM X-Force
CVSS Base score: 8.6
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2024-50379
DESCRIPTION: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
CWE: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CVSS Source: CISA ADP
CVSS Base score: 9.8
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-49766
DESCRIPTION: Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path that is not safe, potentially allowing unintended access to data. Applications using Python >= 3.11, or not using Windows, are not vulnerable. Werkzeug version 3.0.6 contains a patch.
CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS Source: security-advisories@github.com
CVSS Base score: 6.3
CVSS Vector: (CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
CVEID: CVE-2024-49767
DESCRIPTION: Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all flask applications) are vulnerable to a relatively simple but effective resource exhaustion (denial of service) attack. A specifically crafted form submission request can cause the parser to allocate and block 3 to 8 times the upload size in main memory. There is no upper limit; a single upload at 1 Gbit/s can exhaust 32 GB of RAM in less than 60 seconds. Werkzeug version 3.0.6 fixes this issue.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 6.9
CVSS Vector: (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)
CVEID: CVE-2022-37966
DESCRIPTION: Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVSS Source: IBM X-Force
CVSS Base score: 8.1
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2022-37967
DESCRIPTION: Windows Kerberos Elevation of Privilege Vulnerability
CVSS Source: IBM X-Force
CVSS Base score: 7.2
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2022-38023
DESCRIPTION: Netlogon RPC Elevation of Privilege Vulnerability
CVSS Source: IBM X-Force
CVSS Base score: 8.1
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2022-30580
DESCRIPTION: Golang Go could allow a local attacker to execute arbitrary code on the system, caused by a flaw when Cmd.Run, cmd.Start, cmd.Output, or cmd.CombinedOutput are executed when Cmd.Path is unset. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-94: Improper Control of Generation of Code ('Code Injection')
CVSS Source: IBM X-Force
CVSS Base score: 8.4
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2022-30630
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Glob in io/fs due to stack exhaustion. By sending a specially-crafted request using a path which contains a large number of path separators, a remote attacker could exploit this vulnerability to cause a panic.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-30631
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Reader.Read in compress/gzip due to stack exhaustion. By parsing a specially-crafted compressed file, a remote attacker could exploit this vulnerability to cause a panic.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-30632
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Glob in path/filepath due to stack exhaustion. By sending a specially-crafted request using a path containing a large number of path separators, a remote attacker could exploit this vulnerability to cause a panic.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-30633
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Unmarshal in encoding/xml due to stack exhaustion. By parsing a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a panic.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-30634
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using large buffers, a remote attacker could exploit this vulnerability to cause rand.Read to hang,a and results in a denial of service condition.
CWE: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-30635
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Decoder.Decode in encoding/gob due to stack exhaustion. By sending a specially-crafted message containing deeply nested structures, a remote attacker could exploit this vulnerability to cause a panic.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-32148
DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused by improper exposure of client IP addresses in net/http. By calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, an attacker could exploit this vulnerability to obtain the client IP address information, and use this information to launch further attacks against the affected system.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-32189
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in Float.GobDecode and Rat GobDecode in math/big. By sending a specially-crafted message, a remote attacker could exploit this vulnerability to cause a panic.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-41715
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the compilation of regular expressions from untrusted sources. A remote attacker could exploit this vulnerability to exhaust all available memory resources.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-52798
DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade to 0.1.12. This vulnerability exists because of an incomplete fix for CVE-2024-45296.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: security-advisories@github.com
CVSS Base score: 7.7
CVSS Vector: (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
CVEID: CVE-2024-0727
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially crafted PKCS12 file, a remote attacker could exploit this vulnerability to cause the application to crash.
CWE: CWE-476: NULL Pointer Dereference
CVSS Source: IBM X-Force
CVSS Base score: 3.1
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2021-3765
DESCRIPTION: validator.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw when calling the rtrim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-45492
DESCRIPTION: libexpat could allow a local attacker to execute arbitrary code on the system, caused by an integer overflow in the nextScaffoldPart function in xmlparse.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-190: Integer Overflow or Wraparound
CVSS Source: CISA ADP
CVSS Base score: 7.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2024-45491
DESCRIPTION: libexpat could allow a local attacker to execute arbitrary code on the system, caused by an integer overflow in the dtdCopy function in xmlparse.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-190: Integer Overflow or Wraparound
CVSS Source: CISA ADP
CVSS Base score: 7.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2024-45490
DESCRIPTION: libexpat could provide weaker than expected security, caused by the failure to reject a negative length for XML_ParseBuffer. By providing a negative length value to the XML_ParseBuffer function, a remote attacker could exploit this vulnerability to cause improper handling of XML data.
CWE: CWE-611: Improper Restriction of XML External Entity Reference
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21534
DESCRIPTION: Jsonpath-plus could allow a remote attacker to execute arbitrary code on the system, caused by improper input sanitization and unsafe default usage of the vm module in Node.js. By exploiting the unsafe default usage of the vm module in Node.js, an attacker could exploit this vulnerability to inject and execute arbitrary code on the system.
CWE: CWE-94: Improper Control of Generation of Code ('Code Injection')
CVSS Source: IBM X-Force
CVSS Base score: 9.8
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2021-3664
DESCRIPTION: url-parse could allow a remote attacker to conduct phishing attacks, caused by the mishandling of backlash "\" characters in a URI. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites.
CWE: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2022-0512
DESCRIPTION: unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improperly handeling username and password. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation.
CWE: CWE-639: Authorization Bypass Through User-Controlled Key
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2022-0639
DESCRIPTION: unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by incorrect conversion of @ in protocol in the href. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation.
CWE: CWE-639: Authorization Bypass Through User-Controlled Key
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2022-0686
DESCRIPTION: unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by an issue with unable to find the correct hostname when no port number is provided in the url. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform SSRF, open redirect or other attacks depends on the hostname field of parsed url.
CWE: CWE-639: Authorization Bypass Through User-Controlled Key
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID: CVE-2022-0691
DESCRIPTION: unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improper validation of \b (backspace) character. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation and leads to false positive in the extractProtocol() function.
CWE: CWE-639: Authorization Bypass Through User-Controlled Key
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID: CVE-2024-37890
DESCRIPTION: Node.js ws module is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending a specially crafted request with multiple HTTP headers, a remote attacker could exploit this vulnerability to cause the server to crash.
CWE: CWE-476: NULL Pointer Dereference
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-41772
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an out-of-bounds slice situation in the Reader.Open function. By using a specially-crafted ZIP archive containing an invalid name or an empty filename field, a remote attacker could exploit this vulnerability to cause a panic, and results in a denial of service condition.
CWE: CWE-20: Improper Input Validation
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-44716
DESCRIPTION: net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: NVD
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-23772
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a buffer overflow in the Rat.SetString function in math/big. By sending a specially-crafted request, an attacker could exploit this vulnerability to consume large amount of RAM and cause the application to crash.
CWE: CWE-190: Integer Overflow or Wraparound
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-24675
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a stack-based buffer overflow in encoding/pem in the Decode feature. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the program to crash.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-24921
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a specially-crafted deeply nested expression, a remote attacker could exploit this vulnerability to cause a goroutine stack exhaustion, and results in a denial of service condition.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-27664
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a closing HTTP/2 server connection to hang, and results in a denial of service condition.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-28131
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Decoder.Skip in encoding/xml due to stack exhaustion. By parsing a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a panic.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-28327
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validaiton by the generic P-256 feature in crypto/elliptic. By sending a specially-crafted request with long scalar input, a remote attacker could exploit this vulnerability to cause a panic on the system.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-2879
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the failure to set a limit on the maximum size of file headers by Reader.Read. By using a specially crafted archive, a remote attacker could exploit this vulnerability to exhaust all available memory resources.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-2880
DESCRIPTION: Golang Go could allow a remote attacker to conduct query parameter smuggling, caused by the inclusion of unparseable parameters rejected by net/http in requests forwarded by ReverseProxy. An attacker could exploit this vulnerability to conduct query parameter smuggling.
CWE: CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2024-24828
DESCRIPTION: pkg could allow a remote authenticated attacker to gain elevated privileges on the system, caused by incorrect default permissions. By placing a specially crafted executables, an attacker could exploit this vulnerability to escalate privileges.
CWE: CWE-276: Incorrect Default Permissions
CVSS Source: IBM X-Force
CVSS Base score: 6.6
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)
CVEID: CVE-2022-41716
DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by improper checking for invalid environment variable values in syscall.StartProcess and os/exec.Cmd. By using a specially-crafted environment variable value, an attacker could exploit this vulnerability to set a value for a different environment variable.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2022-41722
DESCRIPTION: A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as "a/../c:/b" into the valid path "c:\b". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path ".\c:\b".
CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS Source: NVD
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2022-41723
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the HPACK decoder. By sending a specially-crafted HTTP/2 stream, a remote attacker could exploit this vulnerability to cause excessive CPU consumption, and results in a denial of service condition.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-24536
DESCRIPTION: Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the total memory a parsed multipart form can consume. ReadForm can undercount the amount of memory consumed, leading it to accept larger inputs than intended. 2. Limiting total memory does not account for increased pressure on the garbage collector from large numbers of small allocations in forms with many parts. 3. ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage collector. The combination of these factors can permit an attacker to cause an program that parses multipart forms to consume large amounts of CPU and memory, potentially resulting in a denial of service. This affects programs that use mime/multipart.Reader.ReadForm, as well as form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. With fix, ReadForm now does a better job of estimating the memory consumption of parsed forms, and performs many fewer short-lived allocations. In addition, the fixed mime/multipart.Reader imposes the following limits on the size of parsed forms: 1. Forms parsed with ReadForm may contain no more than 1000 parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxparts=. 2. Form parts parsed with NextPart and NextRawPart may contain no more than 10,000 header fields. In addition, forms parsed with ReadForm may contain no more than 10,000 header fields across all parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxheaders=.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-24537
DESCRIPTION: Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.
CWE: CWE-190: Integer Overflow or Wraparound
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-24539
DESCRIPTION: Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.
CWE: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVSS Source: IBM X-Force
CVSS Base score: 7.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2023-29403
DESCRIPTION: On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.
CWE: CWE-668: Exposure of Resource to Wrong Sphere
CVSS Source: IBM X-Force
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2023-39325
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the net/http and x/net/http2 packages. By sending specially crafted requests using HTTP/2 client, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-45287
DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused by a timing-side channel attack in the RSA based key exchange methods in crypto/tls. The removal of of PKCS#1 padding could allow a remote attacker to leak timing information, which in turn could be used to recover session key bits.
CWE: CWE-203: Observable Discrepancy
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2023-45288
DESCRIPTION: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
CWE: CWE-202: Exposure of Sensitive Information Through Data Queries
CVSS Source: CISA ADP
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-28863
DESCRIPTION: isaacs node-tar is vulnerable to a denial of service, caused by the lack of folders count validation. By sending a specially crafted request, an remote attacker could exploit this vulnerability to cause a denial of service.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-5568
DESCRIPTION: Samba is vulnerable to a denial of service, caused by a heap-based buffer overflow flaw in the Heimdal KDC. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-122: Heap-based Buffer Overflow
CVSS Source: IBM X-Force
CVSS Base score: 5.9
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H)
CVEID: CVE-2020-15586
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a data race in some net/http servers. By sending specially-crafted HTTP requests, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2020-16845
DESCRIPTION: Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2020-24553
DESCRIPTION: Golang Go is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the CGI/FCGI handlers. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source: IBM X-Force
CVSS Base score: 7.2
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)
CVEID: CVE-2021-31525
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted header to ReadRequest or ReadResponse. Server, Transport, and Client, a remote attacker could exploit this vulnerability to cause a (panic) denial of service condition.
CWE: CWE-674: Uncontrolled Recursion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-33195
DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by not following RFC 1035 rules in the LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in net. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVSS Source: IBM X-Force
CVSS Base score: 7.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2021-33197
DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by a flaw in the ReverseProxy in net/http/httputil. By sending a specially-crafted request, an attacker could exploit this vulnerability to drop arbitrary headers, including those set by the ReverseProxy.Director.
CWE: CWE-862: Missing Authorization
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2021-33198
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the SetString and UnmarshalText methods of math/big.Rat. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a panic or an unrecoverable fatal error, and results in a denial of service condition.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-36221
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a race condition upon an ErrAbortHandler abort. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a net/http/httputil ReverseProxy panic.
CWE: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-39293
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the NewReader and OpenReader functions in archive/zip. By sending a specially-crafted archive header, a remote attacker could exploit this vulnerability to cause a panic, which results in a denial of service.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-41771
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an out-of-bounds slice situation in the ImportedSymbols function in debug/macho. By using specially-crafted binaries, a remote attacker could exploit this vulnerability to cause a panic, and results in a denial of service condition.
CWE: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2018-3737
DESCRIPTION: Node.js sshpk module is vulnerable to a denial of service, caused by an error parsing specially crafted invalid public keys. A remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21193
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the Server: PS component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21194
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21196
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21197
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the Server: Information Schema component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21198
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the Server: DDL component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21199
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the InnoDB component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21201
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the Server: Optimizer component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21203
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21207
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior, 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21212
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the Server: Health Monitor component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.4
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21213
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the InnoDB component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.2
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21218
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21219
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21230
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21231
DESCRIPTION: Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L).
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CVE.org
CVSS Base score: 3.1
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-21236
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the InnoDB component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21237
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the Server: Group Replication GCS component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 2.2
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-21238
DESCRIPTION: Oracle MySQL Server and Cluster are vulnerable to a denial of service related to the Server:Thread Pooling components. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a hang or frequently repeatable crash.
CVSS Source: CVE.org
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21239
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the InnoDB component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21241
DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the Server: Optimizer component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: CVE.org
CVSS Base score: 4.9
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-21247
DESCRIPTION: Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).
CWE: CWE-284: Improper Access Control
CVSS Source: CVE.org
CVSS Base score: 3.8
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N)
CVEID: CVE-2022-0536
DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system.
CWE: CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer
CVSS Source: IBM X-Force
CVSS Base score: 2.6
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2024-11168
DESCRIPTION: The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.
CWE: CWE-918: Server-Side Request Forgery (SSRF)
CVSS Source: CISA ADP
CVSS Base score: 3.7
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2024-45801
DESCRIPTION: DOMPurify could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in depth check. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: CVE.org
CVSS Base score: 7.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2021-23362
DESCRIPTION: Node.js hosted-git-info module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the fromUrl function in index.js. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-26462
DESCRIPTION: Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.
CWE: CWE-401: Missing Release of Memory after Effective Lifetime
CVSS Source: NVD
CVSS Base score: 5.5
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-3596
DESCRIPTION: RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
CWE: CWE-354: Improper Validation of Integrity Check Value
CVSS Source: NVD
CVSS Base score: 9
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVEID: CVE-2024-24791
DESCRIPTION: Go net/http package is vulnerable to a denial of service, caused by improper 100-continue header handling. By sending "Expect: 100-continue" requests, a remote attacker could exploit this vulnerability to cause a denial of service.
CWE: CWE-20: Improper Input Validation
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-39266
DESCRIPTION: Node.js isolated-vm module could allow a remote attacker to execute arbitrary code on the system, caused by vulnerable CachedDataOptions in API. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass sandbox restrictions and run arbitrary code on the affected system.
CWE: CWE-20: Improper Input Validation
CVSS Source: IBM X-Force
CVSS Base score: 9.6
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVEID: CVE-2022-30065
DESCRIPTION: Busybox could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free in copyvar function. By sending a specially-crafted awk pattern, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service.
CWE: CWE-416: Use After Free
CVSS Source: IBM X-Force
CVSS Base score: 9.8
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2022-28391
DESCRIPTION: BusyBox could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the netstat applet. By persuading a victim to send a specially-crafted request using a VT compatible terminal, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Source: IBM X-Force
CVSS Base score: 8.8
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-22365
DESCRIPTION: Linux-pam is vulnerable to a denial of service, caused by a flaw in pam_namespace.so. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service.
CVSS Source: IBM X-Force
CVSS Base score: 4
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-29857
DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input validation. By importing an EC certificate with crafted F2m parameters, a remote attacker could exploit this vulnerability to cause excessive CPU consumption.
CWE: CWE-125: Out-of-bounds Read
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-25883
DESCRIPTION: Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2022-0155
DESCRIPTION: follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system.
CWE: CWE-359: Exposure of Private Personal Information to an Unauthorized Actor
CVSS Source: IBM X-Force
CVSS Base score: 8
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-28849
DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage of credentials when clearing authorization header during cross-domain redirect, but keeping the proxy-authentication header. An attacker could exploit this vulnerability to obtain credentials and other sensitive information.
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2022-0235
DESCRIPTION: Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with Cookie. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2024-27088
DESCRIPTION: es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: NVD
CVSS Base score: 5.5
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-4067
DESCRIPTION: Node.js micromatch module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in micromatch.braces() in index.js. By sending a specially crafted payload, a remote attacker could exploit this vulnerability to increase the consumption time until the application hangs or slows down.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: CVE.org
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-45590
DESCRIPTION: expressjs body-parser is vulnerable to a denial of service, caused by a flaw when url encoding is enabled. By sending a specially crafted payload, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-405: Asymmetric Resource Consumption (Amplification)
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-48957
DESCRIPTION: execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
CWE: CWE-125: Out-of-bounds Read
CVSS Source: CVE.org
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-48958
DESCRIPTION: execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
CWE: CWE-125: Out-of-bounds Read
CVSS Source: CVE.org
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-12254
DESCRIPTION: Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: CISA ADP
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-29651
DESCRIPTION: A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle()`, `parse()`, `resolve()`, `dereference() functions.
CWE: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source: CISA ADP
CVSS Base score: 8.1
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-24790
DESCRIPTION: An unspecified error related to various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses in the net/netip package in Golang Go has an unknown impact and attack vector.
CVSS Source: CISA ADP
CVSS Base score: 9.8
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2018-25031
DESCRIPTION: swagger-ui could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a specially-crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
CWE: CWE-20: Improper Input Validation
CVSS Source: IBM X-Force
CVSS Base score: 5.4
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)
CVEID: CVE-2021-46708
DESCRIPTION: npm swagger-ui-dist could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
CWE: CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CVSS Source: IBM X-Force
CVSS Base score: 4.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
CVEID: CVE-2024-43788
DESCRIPTION: Webpack and Rspack are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source: IBM X-Force
CVSS Base score: 6.4
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H)
CVEID: CVE-2020-14039
DESCRIPTION: Go could allow a remote attacker to bypass security restrictions, caused by improper validation on the VerifyOptions.KeyUsages EKU requirements during the X.509 certificate verification. An attacker could exploit this vulnerability to gain access to the system.
CWE: CWE-295: Improper Certificate Validation
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2022-24434
DESCRIPTION: Node.js dicer module is vulnerable to a denial of service. By sending a specially-crafted form to server, a remote attacker could exploit this vulnerability to crash the node.js service.
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-0760
DESCRIPTION: ISC BIND is vulnerable to a denial of service. By sending a flood of DNS messages over TCP, a remote attacker could exploit this vulnerability to cause the server to become unstable.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-1737
DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when content is being added or updated in resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE). By processing queries, a remote attacker could exploit this vulnerability to cause the database to slow down.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-1975
DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error if a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache. By sending a stream of SIG(0) signed requests, a remote attacker could exploit this vulnerability to exhaust all available CPU resources.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-4076
DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when serving both stale cache data and authoritative zone content. By sending queries, a remote attacker could exploit this vulnerability to cause an assertion failure.
CWE: CWE-617: Reachable Assertion
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-18413
DESCRIPTION: TypeStack class-validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the class-validator function. By sending a specially-crafted input, an attacker could exploit this vulnerability to bypass the class-validator to perform SQL Injection or XSS attacks.
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID: CVE-2022-3517
DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the braceExpand function. By sending specially-crafted regex arguments, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2020-15366
DESCRIPTION: Ajv (aka Another JSON Schema Validator) could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the ajv.validate function. By sending a specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source: IBM X-Force
CVSS Base score: 5.6
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2020-29582
DESCRIPTION: JetBrains Kotlin could allow a local authenticated attacker to obtain sensitive information, caused by an insecure permission flaw when creating temporary file and folder by the Java API. By gaining access to the temporary directory, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE: CWE-276: Incorrect Default Permissions
CVSS Source: IBM X-Force
CVSS Base score: 5.5
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2022-24329
DESCRIPTION: JetBrains Kotlin could provide weaker than expected security, caused by failing to lock dependencies for Multiplatform Gradle Projects. A remote attacker could exploit this vulnerability to launch further attacks on the system.
CWE: CWE-829: Inclusion of Functionality from Untrusted Control Sphere
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2023-5981
DESCRIPTION: GNU GnuTLS could allow a remote attacker to obtain sensitive information, caused by a timing sidechannel issue during RSA-PSK key exchange. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE: CWE-203: Observable Discrepancy
CVSS Source: IBM X-Force
CVSS Base score: 5.9
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2024-0553
DESCRIPTION: GnuTLS could allow a remote attacker to obtain sensitive information. By perform a timing side-channel attack in the RSA-PSK key exchange, a remote attacker could exploit this vulnerability to obtain sensitive information.
CWE: CWE-203: Observable Discrepancy
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2024-0567
DESCRIPTION: GnuTLS is vulnerable to a denial of service, caused by a flaw when validating a certificate chain with cockpit-certificate-ensure. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CWE: CWE-347: Improper Verification of Cryptographic Signature
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-45857
DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By inserting the X-XSRF-TOKEN header using the secret XSRF-TOKEN cookie value in all requests to any server when the XSRF-TOKEN0 cookie is available, and the withCredentials setting is turned on, an attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CWE: CWE-352: Cross-Site Request Forgery (CSRF)
CVSS Source: IBM X-Force
CVSS Base score: 7.1
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N)
CVEID: CVE-2024-8088
DESCRIPTION: Python CPython is vulnerable to a denial of service, caused by an infinite loop flaw when iterating over names of entries in a zip archive. By using a specially crafted zip archive, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVSS Source: CVE.org
CVSS Base score: 8.7
CVSS Vector: (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L)
CVEID: CVE-2021-27918
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an infinite loop flaw when using xml.NewTokenDecoder with a custom TokenReader. By persuading a victim to open a specially-crafted XML content, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVSS Source: IBM X-Force
CVSS Base score: 5.5
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-33196
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the NewReader and OpenReader functions in archive/zip. By persuading a victim to open a specially-crafted archive file, a remote attacker could exploit this vulnerability to cause a panic or an unrecoverable fatal error, and results in a denial of service condition.
CWE: CWE-20: Improper Input Validation
CVSS Source: IBM X-Force
CVSS Base score: 5.5
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-29804
DESCRIPTION: Golang Go could allow a local attacker to bypass security restrictions, caused by a flaw in the filepath.Clean function. By sending a specially-crafted request, an attacker could exploit this vulnerability to convert an invalid path to a valid, absolute path.
CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS Source: IBM X-Force
CVSS Base score: 6.2
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2022-41720
DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused byimproper access control by the os.DirFS function and http.Dir type. By sending a specially-crafted request, an attacker could exploit this vulnerability to access any path on the system, and use this information to launch further attacks against the affected system.
CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2022-41724
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2022-41725
DESCRIPTION: A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing "up to maxMemory bytes +10MB (reserved for non-file parts) in memory". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, "If stored on disk, the File's underlying concrete type will be an *os.File.". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: NVD
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-24534
DESCRIPTION: HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: NVD
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2023-29400
DESCRIPTION: Templates containing actions in unquoted HTML attributes (e.g. "attr={
{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.
CWE: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVSS Source: IBM X-Force
CVSS Base score: 6.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID: CVE-2023-45283
DESCRIPTION: Golang Go could allow a remote attacker to traverse directories on the system, caused by the failure to recognize paths with a \??\ prefix as a Root Local Device path prefix in the filepath and safefilepath package. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2023-26115
DESCRIPTION: All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2022-24999
DESCRIPTION: Express.js Express is vulnerable to a denial of service, caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-48949
DESCRIPTION: The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()" validation.
CWE: CWE-347: Improper Verification of Cryptographic Signature
CVSS Source: IBM X-Force
CVSS Base score: 8.2
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)
CVEID: CVE-2021-22963
DESCRIPTION: Fastify fastify-static module could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially-crafted URL to redirect Mozilla Firefox users to arbitrary Web sites.
CWE: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVSS Source: IBM X-Force
CVSS Base score: 3.7
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2019-9674
DESCRIPTION: Python is vulnerable to a denial of service, caused by a flaw in the Lib/zipfile.py. By using a ZIP bomb, a remote attacker could exploit this vulnerability to cause a denial of dervice.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 3.3
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-43800
DESCRIPTION: expressjs serve-static is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source: IBM X-Force
CVSS Base score: 5
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)
CVEID: CVE-2021-44906
DESCRIPTION: Node.js Minimist module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in setKey() function in the index.js script. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source: IBM X-Force
CVSS Base score: 5.6
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2012-5783
DESCRIPTION: Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CWE: CWE-295: Improper Certificate Validation
CVSS Source: NVD
CVSS Base score: 5.8
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVEID: CVE-2024-38808
DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted Spring Expression Language (SpEL) expression, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: VMware
CVSS Base score: 4.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-56201
DESCRIPTION: Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.
CWE: CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences
CVSS Source: CISA ADP
CVSS Base score: 8.8
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-56326
DESCRIPTION: Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5.
CWE: CWE-693: Protection Mechanism Failure
CVSS Source: CISA ADP
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2023-26108
DESCRIPTION: Nestjs Nest could allow a remote attacker to obtain sensitive information, caused by a flaw in the StreamableFile pipe. By sending a specially-crafted cancel request while it is streaming a StreamableFile, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source: IBM X-Force
CVSS Base score: 3.7
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2024-11187
DESCRIPTION: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.
CWE: CWE-405: Asymmetric Resource Consumption (Amplification)
CVSS Source: security-officer@isc.org
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-12705
DESCRIPTION: Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: security-officer@isc.org
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-4068
DESCRIPTION: Node.js braces module is vulnerable to a denial of service, caused by the failure to limit the number of characters it can handle. leading to a memory exhaustion in lib/parse.js. By sending imbalanced braces as input, the parsing will enter a loop causing the JavaScript heap limit to be reached, and the program will crash.
CWE: CWE-1050: Excessive Platform Resource Consumption within a Loop
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-43796
DESCRIPTION: expressjs express is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source: IBM X-Force
CVSS Base score: 5
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)
CVEID: CVE-2024-10491
DESCRIPTION: expressjs express could allow a remote attacker to obtain sensitive information, caused by a flaw in the response.links function. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVSS Source: CVE.org
CVSS Base score: 4
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N)
CVEID: CVE-2022-2835
DESCRIPTION: A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.
CWE: CWE-923: Improper Restriction of Communication Channel to Intended Endpoints
CVSS Source: IBM X-Force
CVSS Base score: 4.4
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)
CVEID: CVE-2022-2837
DESCRIPTION: A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.
CWE: CWE-923: Improper Restriction of Communication Channel to Intended Endpoints
CVSS Source: IBM X-Force
CVSS Base score: 4.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2024-30171
DESCRIPTION: The Bouncy Castle Crypto Package For Java could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the RSA decryption (both PKCS#1v1.5 and OAEP) feature. By utilize timing side-channel attack techniques, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE: CWE-203: Observable Discrepancy
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2024-30172
DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by an infinite loop in the Ed25519 verification code. By persuading a victim to use a specially crafted signature and public key, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVSS Source: IBM X-Force
CVSS Base score: 5.5
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-34447
DESCRIPTION: The Bouncy Castle Crypto Package For Java could allow a remote attacker to bypass security restrictions, caused by a flaw when endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname. By sending a specially crafted request, an attacker could exploit this vulnerability to perform DNS poisoning attack.
CWE: CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID: CVE-2024-45296
DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: CVE.org
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-38821
DESCRIPTION: Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following must be true: * It must be a WebFlux application * It must be using Spring's static resources support * It must have a non-permitAll authorization rule applied to the static resources support
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 9.1
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVEID: CVE-2024-48948
DESCRIPTION: The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an _truncateToN anomaly. This leads to valid signatures being rejected. Legitimate transactions or communications may be incorrectly flagged as invalid.
CWE: CWE-347: Improper Verification of Cryptographic Signature
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2024-38829
DESCRIPTION: A vulnerability in VMware Tanzu Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in unintended columns from being queried Related to CVE-2024-38820 https://spring.io/security/cve-2024-3882
CWE: CWE-178: Improper Handling of Case Sensitivity
CVSS Source: IBM X-Force
CVSS Base score: 3.7
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2024-47554
DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2021-22964
DESCRIPTION: Fastify fastify-static module could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially-crafted URL to redirect Mozilla Firefox users to arbitrary Web sites or cause the application to crash.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 8.2
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L)
CVEID: CVE-2024-9287
DESCRIPTION: A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
CWE: CWE-428: Unquoted Search Path or Element
CVSS Source: NVD
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2021-32640
DESCRIPTION: WebSockets ws library for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDOS) flaw in the in Sec-Websocket-Protocol header. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a slow down on the ws server, and results in a denial of service condition.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-45337
DESCRIPTION: Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is in fact used to authenticate." Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.
CVSS Source: CISA
CVSS Base score: 9.1
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVEID: CVE-2022-25901
DESCRIPTION: Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-20696
DESCRIPTION: Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Libarchive component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE: CWE-122: Heap-based Buffer Overflow
CVSS Source: IBM X-Force
CVSS Base score: 7.3
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVEID: CVE-2024-39249
DESCRIPTION: Async is vulnerable to a denial of service, caused by the ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. Note: This vulnerability is disputed by the supplier because there is no realistic threat model: regular expressions are not used with untrusted input.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: IBM X-Force
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-29041
DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary Web sites.
CWE: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVSS Source: IBM X-Force
CVSS Base score: 6.1
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2024-56337
DESCRIPTION: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can.
CWE: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CVSS Source: CISA ADP
CVSS Base score: 9.8
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2021-3749
DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the trim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause an application to consume an excessive amount of CPU.
CWE: CWE-1333: Inefficient Regular Expression Complexity
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2024-29415
DESCRIPTION: The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.
CWE: CWE-918: Server-Side Request Forgery (SSRF)
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2024-41909
DESCRIPTION: Apache MINA SSHD could allow a remote attacker to bypass security restrictions. An attacker who can intercept traffic between the client and server could drop certain packets from the stream. This potentially causes a Terrapin attack where the client and server consequently end up with a connection for which some security features have been downgraded or disabled.
CWE: CWE-354: Improper Validation of Integrity Check Value
CVSS Source: IBM X-Force
CVSS Base score: 5.9
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2024-24806
DESCRIPTION: libuv is vulnerable to server-side request forgery, caused by improper Domain lookup by the uv_getaddrinfo function in src/unix/getaddrinfo.c. By sending a specially crafted request, an attacker could exploit this vulnerability to conduct SSRF attack.
CWE: CWE-918: Server-Side Request Forgery (SSRF)
CVSS Source: CVE.org
CVSS Base score: 7.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2019-10744
DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition.
CWE: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source: IBM X-Force
CVSS Base score: 9.1
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVEID: CVE-2021-23337
DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CWE: CWE-94: Improper Control of Generation of Code ('Code Injection')
CVSS Source: IBM X-Force
CVSS Base score: 7.2
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2020-8203
DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: IBM X-Force
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2020-28500
DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Source: CVE.org
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2024-38809
DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted HTTP request containing ETags from "If-Match" or "If-None-Match" request headers, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: GitHub, Inc.
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Products and Versions
| Affected Product(s) | Version(s) |
| IBM Rapid Infrastructure Automation | 1.1.4 |
Remediation/Fixes
IBM strongly recommends addressing the vulnerability now by upgrading to IBM Rapid Network Automation version 1.1.5 which can be deployed on-premises.
Please go to https://www.ibm.com/docs/SSPXJL_1.1/upgrading/upgrading_114.html to follow the installation instructions relevant to your chosen architecture.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
Acknowledgement
Change History
19 Mar 2025: Updated CVE description.
18 Mar 2025: Initial Publication
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. "Affected Products and Versions" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
28 April 2025
Initial Publish date:
18 March 2025
UID
ibm17186589