Red Hat Codeready Linux Builder Power Little Endian
By the Year
In 2023 there have been 0 vulnerabilities in Red Hat Codeready Linux Builder Power Little Endian . Last year Codeready Linux Builder Power Little Endian had 5 security vulnerabilities published. Right now, Codeready Linux Builder Power Little Endian is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 5 | 6.76 |
| 2021 | 1 | 5.50 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Codeready Linux Builder Power Little Endian vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Codeready Linux Builder Power Little Endian Security Vulnerabilities
There's a flaw in urllib's AbstractBasicAuthHandler class
CVE-2021-3733
6.5 - Medium
- March 10, 2022
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.
Resource Exhaustion
A flaw was found in python
CVE-2021-3737
7.5 - High
- March 04, 2022
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
Resource Exhaustion
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which
CVE-2021-3744
5.5 - Medium
- March 04, 2022
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
Memory Leak
A vulnerability was found in the Linux kernels cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function
CVE-2022-0492
7.8 - High
- March 03, 2022
A vulnerability was found in the Linux kernels cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
authentification
An off-by-one error was found in the SCSI device emulation in QEMU
CVE-2021-3930
6.5 - Medium
- February 18, 2022
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
off-by-five
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0
CVE-2020-27842
5.5 - Medium
- January 05, 2021
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Red Hat? Click the Watch button to subscribe.
