CVE-2021-37533

Related Files

Red Hat Security Advisory 2023-3667-01

Posted Jun 20, 2023

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3667-01 - A security update for Camel Extensions for Quarkus 2.13.3 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

tags | advisory

systems | linux, redhat

advisories | CVE-2021-37533, CVE-2023-1436

SHA-256 | 46f855b61eb9d0f2877fc82bf334c993889f0b94f0a3921324c940b819280f33

Download | Favorite | View

Red Hat Security Advisory 2023-2100-01

Posted May 4, 2023

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2100-01 - This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include bypass, code execution, cross site scripting, denial of service, man-in-the-middle, memory exhaustion, resource exhaustion, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss

systems | linux, redhat

advisories | CVE-2021-37533, CVE-2022-25857, CVE-2022-31777, CVE-2022-33681, CVE-2022-37865, CVE-2022-37866, CVE-2022-38398, CVE-2022-38648, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-39368, CVE-2022-40146

SHA-256 | 1bb832bf7ada06ee62e5e890aaaa9e8555545e8a79873bfe81eac208c4eb6165

Download | Favorite | View

Ubuntu Security Notice USN-6037-1

Posted May 1, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6037-1 - ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious FTP server could redirect the client to another server, which could possibly result in leaked information about services running on the private network of the client.

tags | advisory, remote

systems | linux, ubuntu

advisories | CVE-2021-37533

SHA-256 | 01b105752cb4c4020af26703fc7f227551e768e10ef43699d4dd35b88c29075e

Download | Favorite | View

Debian Security Advisory 5307-1

Posted Jan 2, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5307-1 - ZeddYu Lu discovered that the FTP client of Apache Commons Net, a Java client API for basic Internet protocols, trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client.

tags | advisory, java, protocol

systems | linux, debian

advisories | CVE-2021-37533

SHA-256 | 41b44ea9f6994bb126334a021ce554f5d235573bf2cf4cf42ab4a2effd6c874d

Download | Favorite | View