exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2021-37137

Status Candidate

Overview

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.

Related Files

Debian Security Advisory 5316-1
Posted Jan 12, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5316-1 - Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework, which may allow attackers to cause a denial of service or bypass restrictions when used as a proxy.

tags | advisory, java, web, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2021-37136, CVE-2021-37137, CVE-2021-43797, CVE-2022-41881, CVE-2022-41915
SHA-256 | d79e44dc740a4bdba61067f17bc2f8d1870d872798afcbc0a4bdd6ffab09ccdd
Red Hat Security Advisory 2022-8506-01
Posted Nov 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8506-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution, xss, sql injection
systems | linux, redhat
advisories | CVE-2021-37136, CVE-2021-37137, CVE-2022-22818, CVE-2022-24836, CVE-2022-25648, CVE-2022-29970, CVE-2022-32209, CVE-2022-34265
SHA-256 | 2d5699b272bf62135c49021ecfc5e70e3ef3e624c94ce2a33e3c23d5cd96ba6d
Red Hat Security Advisory 2022-6835-01
Posted Oct 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6835-01 - This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and privilege escalation vulnerabilities.

tags | advisory, denial of service, registry, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2021-22569, CVE-2021-37136, CVE-2021-37137, CVE-2021-41269, CVE-2022-0235, CVE-2022-0536, CVE-2022-0981, CVE-2022-21724, CVE-2022-23647, CVE-2022-24771, CVE-2022-24772, CVE-2022-24773, CVE-2022-25647, CVE-2022-25857
SHA-256 | e74328b6f49a71e8a4f60fb74ad9b6b09cb32b24b7b0fd468d39f217ac93fb95
Red Hat Security Advisory 2022-5903-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5903-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Issues addressed include HTTP request smuggling, denial of service, and deserialization vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-22569, CVE-2021-2471, CVE-2021-36373, CVE-2021-3642, CVE-2021-3644, CVE-2021-37136, CVE-2021-37137, CVE-2021-3717, CVE-2021-37714, CVE-2021-43797, CVE-2022-22950, CVE-2022-25647
SHA-256 | 64f14a1390aa598b8f7f7082ac1e23e09426694792e54d265ca579256dd960fb
Red Hat Security Advisory 2022-4919-01
Posted Jun 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4919-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include HTTP request smuggling, code execution, denial of service, memory leak, and traversal vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-37136, CVE-2021-37137, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0853, CVE-2022-0866, CVE-2022-1319, CVE-2022-21299, CVE-2022-21363, CVE-2022-23221, CVE-2022-23437, CVE-2022-23913, CVE-2022-24785
SHA-256 | bf1afc73c8ba9c4a4c22d13d1cf262785aff0e2266900d5107732077a9be4c4c
Red Hat Security Advisory 2022-4918-01
Posted Jun 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4918-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include HTTP request smuggling, code execution, denial of service, memory leak, and traversal vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-37136, CVE-2021-37137, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0853, CVE-2022-0866, CVE-2022-1319, CVE-2022-21299, CVE-2022-21363, CVE-2022-23221, CVE-2022-23437, CVE-2022-23913, CVE-2022-24785
SHA-256 | 8f6215dbc6e2ca60403953e5fff933cecb7aae3db0e8684fc171f45b5bcbc430
Red Hat Security Advisory 2022-4922-01
Posted Jun 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4922-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include HTTP request smuggling, code execution, denial of service, memory leak, and traversal vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-37136, CVE-2021-37137, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0853, CVE-2022-0866, CVE-2022-1319, CVE-2022-21299, CVE-2022-21363, CVE-2022-23221, CVE-2022-23437, CVE-2022-23913, CVE-2022-24785
SHA-256 | 7662acf836b5f242e6276a07b00c0aa87639c1a35f4ad678bade67af019843c5
Red Hat Security Advisory 2022-2216-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2216-01 - Logging Subsystem 5.4.1 - Red Hat OpenShift. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-37136, CVE-2021-37137, CVE-2021-4028, CVE-2021-43797, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-21698, CVE-2022-25636
SHA-256 | e8448d15067ef4e108e62dd39572f25de537bd0cc05255cb4ff9f26a2036af6d
Red Hat Security Advisory 2022-2218-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2218-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-37136, CVE-2021-37137, CVE-2021-4028, CVE-2021-43797, CVE-2022-0759, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-21698, CVE-2022-25636
SHA-256 | 0c5927e91c79b433162241dc82bdfd0e2fdad1d3d97c1f4a6ed341b8c4358a0b
Red Hat Security Advisory 2022-2217-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2217-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-37136, CVE-2021-37137, CVE-2021-4028, CVE-2021-43797, CVE-2022-0759, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-21698, CVE-2022-25636
SHA-256 | 0ec4d077e744566221bfb42a084e913e4269ba131207183ed703c14611b8ba91
Red Hat Security Advisory 2022-1013-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1013-01 - Red Hat Integration - Camel Extensions for Quarkus 2.2.1 serves as a replacement for 2.2 and includes security fixes. Issues addressed include code execution, denial of service, deserialization, information leakage, and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2020-15522, CVE-2020-8908, CVE-2021-22569, CVE-2021-2471, CVE-2021-26291, CVE-2021-28168, CVE-2021-28170, CVE-2021-30129, CVE-2021-37136, CVE-2021-37137, CVE-2021-40690, CVE-2021-41269, CVE-2021-4178, CVE-2021-42392
SHA-256 | d5cfb7d93bd17d4a300c3574ceea4314e4c04e0e4b82484593f5c02a870e2682
Red Hat Security Advisory 2022-0589-01
Posted Feb 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0589-01 - This release of Red Hat build of Quarkus 2.2.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-2471, CVE-2021-28170, CVE-2021-37136, CVE-2021-37137, CVE-2021-37714, CVE-2021-38153, CVE-2021-41269, CVE-2021-4178
SHA-256 | 3833d4591eef0c8e294a68978de238414c1e043c112a2e78b5695c6e4ec918d9
Red Hat Security Advisory 2022-0520-01
Posted Feb 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0520-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.3.0 replaces Data Grid 8.2.3 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, code execution, denial of service, and deserialization vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-29505, CVE-2021-3642, CVE-2021-37136, CVE-2021-37137, CVE-2021-39139, CVE-2021-39140, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145, CVE-2021-39146, CVE-2021-39147, CVE-2021-39148, CVE-2021-39149, CVE-2021-39150, CVE-2021-39151, CVE-2021-39152, CVE-2021-39153, CVE-2021-39154, CVE-2021-43797
SHA-256 | 851e7d90129974b5aef9a1685ad0e47b2b5241fbd8c1cb7d5f745cf0ca63a06b
Red Hat Security Advisory 2022-0138-06
Posted Jan 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0138-06 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-34429, CVE-2021-37136, CVE-2021-37137, CVE-2021-38153, CVE-2021-44832
SHA-256 | 2f38e0d8dc7b220ec5d87808989b5228ca3d8752b3d04df31a78da378fe6296a
Red Hat Security Advisory 2021-4851-01
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4851-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.1 serves as a replacement for Red Hat AMQ Broker 7.9.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-37136, CVE-2021-37137
SHA-256 | 896841434a724157b334639f2d7ec99a622b7df9099ab77595f12f506035218e
Red Hat Security Advisory 2021-3959-01
Posted Nov 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3959-01 - This release of Red Hat build of Eclipse Vert.x 4.1.5 includes security updates, bug fixes, and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-37136, CVE-2021-37137
SHA-256 | a270953911232611ff7cde4dace40c5a21b8f912d9b969223f2bc137d2446cb0
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close