Showing 1 - 5 of 5

CVE-2017-18640

Status Candidate

Overview

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

Gentoo Linux Security Advisory 202305-28: Posted May 22, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202305-28 - Multiple vulnerabilities have been found in snakeyaml, the worst of which could result in denial of service. Versions greater than or equal to 1.33 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2017-18640, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752; SHA-256 | 450489bee55ab3d0abd0fbbd5825dda4f101c934405fc2e01047cd9490e68b31; Download | Favorite | View

Red Hat Security Advisory 2021-3225-01: Posted Aug 31, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3225-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.8.0 serves as a replacement for Red Hat AMQ Streams 1.7.0, and includes security and bug fixes, and enhancements. Issues addressed include information leakage, resource exhaustion, and traversal vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2017-18640, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-27568, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28168, CVE-2021-28169, CVE-2021-29425, CVE-2021-34428; SHA-256 | f799cc6edbac4d0b98864f1662ed210d6e06f745c7ff0e79f347ad596baa1447; Download | Favorite | View

Red Hat Security Advisory 2021-3140-01: Posted Aug 12, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3140-01 - This release of Red Hat Fuse 7.9.0 serves as a replacement for Red Hat Fuse 7.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, bypass, code execution, cross site scripting, denial of service, deserialization, information leakage, man-in-the-middle, memory leak, resource exhaustion, server-side request forgery, remote SQL injection, and traversal vulnerabilities.; tags | advisory, remote, web, denial of service, vulnerability, code execution, xss, sql injection, memory leak; systems | linux, redhat; advisories | CVE-2017-18640, CVE-2017-5645, CVE-2019-12402, CVE-2019-14887, CVE-2019-16869, CVE-2019-20445, CVE-2020-10688, CVE-2020-10693, CVE-2020-10714, CVE-2020-10719, CVE-2020-11996, CVE-2020-13920, CVE-2020-13934, CVE-2020-13935, CVE-2020-13936, CVE-2020-13954, CVE-2020-13956, CVE-2020-14040, CVE-2020-14297, CVE-2020-14338, CVE-2020-14340, CVE-2020-1695, CVE-2020-17510, CVE-2020-17518, CVE-2020-1925, CVE-2020-1935, CVE-2020-1938; SHA-256 | 7b87634aaeff995c7acbe482688b36f551a706a54a262f6607bd35c528818502; Download | Favorite | View

Red Hat Security Advisory 2020-4807-01: Posted Nov 4, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4807-01 - Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target.; tags | advisory; systems | linux, redhat; advisories | CVE-2017-18640; SHA-256 | 29992800e859dba3433e91990bd046a9d76823c96424e1dd940e196f3d99ed36; Download | Favorite | View

Red Hat Security Advisory 2020-2603-01: Posted Jun 17, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-2603-01 - This release of Red Hat build of Quarkus 1.3.4 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.; tags | advisory; systems | linux, redhat; advisories | CVE-2017-18640; SHA-256 | 94c7e3d0d3088db4cb4a760871c93791a3931a4797c0c3fc1c3db8e528de5cd8; Download | Favorite | View

Page 1 of 1 Back 1 Next