Multiple vulnerabilities in Red Hat Migration Toolkit for Applications
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 58 |
| CVE-ID | CVE-2023-38545 CVE-2023-26966 CVE-2023-27043 CVE-2023-28100 CVE-2023-28101 CVE-2023-29491 CVE-2023-29499 CVE-2023-31486 CVE-2023-32324 CVE-2023-32611 CVE-2023-32665 CVE-2023-34241 CVE-2023-36054 CVE-2023-38546 CVE-2023-22745 CVE-2023-39615 CVE-2023-39975 CVE-2023-42917 CVE-2023-44487 CVE-2024-0553 CVE-2024-0567 CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 CVE-2023-26965 CVE-2023-7104 CVE-2022-1962 CVE-2021-35938 CVE-2022-45693 CVE-2022-46751 CVE-2023-1436 CVE-2023-2976 CVE-2023-26159 CVE-2023-29406 CVE-2023-29409 CVE-2023-35116 CVE-2007-4559 CVE-2021-3468 CVE-2021-3502 CVE-2021-35937 CVE-2021-35939 CVE-2023-6135 CVE-2021-43618 CVE-2022-24963 CVE-2022-44638 CVE-2023-1981 CVE-2023-2731 CVE-2023-3138 CVE-2023-3316 CVE-2023-3576 CVE-2023-4016 CVE-2023-4641 CVE-2023-5363 CVE-2023-5557 CVE-2023-5981 |
| CWE-ID | CWE-122 CWE-119 CWE-20 CWE-295 CWE-400 CWE-416 CWE-824 CWE-73 CWE-125 CWE-415 CWE-208 CWE-617 CWE-59 CWE-787 CWE-611 CWE-674 CWE-276 CWE-601 CWE-644 CWE-22 CWE-835 CWE-367 CWE-203 CWE-190 CWE-476 CWE-401 CWE-200 CWE-310 CWE-254 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Vulnerability #18 is being exploited in the wild. Vulnerability #19 is being exploited in the wild. Public exploit code for vulnerability #40 is available. |
| Vulnerable software |
Red Hat Migration Toolkit for Applications Server applications / Other server solutions |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 58 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU81865
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2023-38545
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the SOCKS5 proxy handshake. A remote attacker can trick the victim to visit a malicious website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that SOCKS5 proxy is used and that SOCKS5 handshake is slow (e.g. under heavy load or DoS attack).
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Buffer overflow
EUVDB-ID: #VU78287
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-26966
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the uv_encode() function. A remote attacker can pass a specially crafted TIFF file to the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU82980
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-27043
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass filtration.
The vulnerability exists due to insufficient validation of user-supplied input when parsing email address with a special character. A remote attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU73835
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-28100
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a malicious application to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input when handling copy/paste operations. If a Flatpak app is run on a Linux virtual console such as `/dev/tty1`, it can copy text from the virtual console and paste it into the command buffer, from which the command might be run after the Flatpak app has exited.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU73834
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-28101
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to insufficient validation of user-supplied input when displaying permissions and metadata. A remote attacker can create a specially crafted app that manipulates the appearance of the permissions list through metadata, convincing the user into granting to the app more permissions than agreed by the user.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU75141
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29491
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing malformed data in a terminfo database file. A local user can trigger memory corruption and execute arbitrary code on the target system.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU77351
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29499
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper Certificate Validation
EUVDB-ID: #VU75606
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-31486
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to missing verification of the TLS certificate. A remote attacker can perform MitM attack and trick the application into downloading a malicious file. MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Heap-based buffer overflow
EUVDB-ID: #VU76761
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-32324
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the format_log_line() function cups/string.c when the "loglevel" is set to "DEBUG". A remote attacker can pass specially crafted data to the daemon, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Resource exhaustion
EUVDB-ID: #VU77350
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-32611
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within the g_variant_byteswap() function. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Resource exhaustion
EUVDB-ID: #VU77349
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-32665
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free
EUVDB-ID: #VU77641
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-34241
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in cupsdAcceptClient(). A remote attacker can cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Access of Uninitialized Pointer
EUVDB-ID: #VU79586
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-36054
CWE-ID:
CWE-824 - Access of Uninitialized Pointer
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to the _xdr_kadm5_principal_ent_rec() function in lib/kadm5/kadm_rpc_xdr.c does not validate the relationship between n_key_data and the key_data array count and frees an uninitialized pointer. A remote user can send a specially crafted request to the application and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) External control of file name or path
EUVDB-ID: #VU81863
Risk: Low
CVSSv3.1: 2.3 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38546
CWE-ID:
CWE-73 - External Control of File Name or Path
Exploit availability: No
DescriptionThe vulnerability allows an attacker to inject arbitrary cookies into request.
The vulnerability exists due to the way cookies are handled by libcurl. If a transfer has cookies enabled when the handle is duplicated, the
cookie-enable state is also cloned - but without cloning the actual
cookies. If the source handle did not read any cookies from a specific
file on disk, the cloned version of the handle would instead store the
file name as none (using the four ASCII letters, no quotes).
none - if such a file exists and is readable in the current directory of the program using libcurl.
Mitigation
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Buffer overflow
EUVDB-ID: #VU71458
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-22745
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in "Tss2_RC_SetHandler" and "Tss2_RC_Decode". A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Out-of-bounds read
EUVDB-ID: #VU81044
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39615
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the xmlSAX2StartElement() function in /libxml2/SAX2.c. A remote attacker can pass specially crafted XML input to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Double Free
EUVDB-ID: #VU79344
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39975
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the free_req_info(). A remote attacker send a specially crafted request to trigger a double free error and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Buffer overflow
EUVDB-ID: #VU83606
Risk: Critical
CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2023-42917
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Note, the vulnerability is being actively exploited in the wild.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
19) Resource exhaustion
EUVDB-ID: #VU81728
Risk: High
CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H/RL:O/RC:C]
CVE-ID: CVE-2023-44487
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".
Note, the vulnerability is being actively exploited in the wild.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
20) Information Exposure Through Timing Discrepancy
EUVDB-ID: #VU85623
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-0553
CWE-ID:
CWE-208 - Information Exposure Through Timing Discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform timing attack.
The vulnerability exists due to the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. A remote attacker can perform timing sidechannel attack in RSA-PSK key exchange.
Note, the vulnerability exists due to incomplete fox for #VU83316 (CVE-2023-5981).
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Reachable Assertion
EUVDB-ID: #VU85624
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-0567
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion when verifying a certificate chain with a cycle of cross signatures. A remote attacker can pass a specially crafted certificate to the application and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper input validation
EUVDB-ID: #VU85468
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20918
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper input validation
EUVDB-ID: #VU85470
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20919
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper input validation
EUVDB-ID: #VU85471
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20921
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Improper input validation
EUVDB-ID: #VU85472
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20926
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Scripting component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper input validation
EUVDB-ID: #VU85473
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20945
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Security component in Oracle GraalVM Enterprise Edition. A local authenticated user can exploit this vulnerability to gain access to sensitive information.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper input validation
EUVDB-ID: #VU85469
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20952
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Security component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Heap-based buffer overflow
EUVDB-ID: #VU78286
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-26965
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the loadImage() function in tools/tiffcrop.c. A remote attacker can pass specially crafted TIFF file to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Out-of-bounds read
EUVDB-ID: #VU84985
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-7104
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the sessionReadRecord() function in ext/session/sqlite3session.c when processing a corrupt changeset. A remote user can send a specially crafted request to trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Resource exhaustion
EUVDB-ID: #VU66065
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1962
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in go/parser. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Link following
EUVDB-ID: #VU79521
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35938
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to escalate privileges on the system.
The vulnerability occurs when rpm sets the desired permissions and credentials after installing a file. A local privileged user can use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Out-of-bounds write
EUVDB-ID: #VU71109
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-45693
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack..
The vulnerability exists due to a boundary error when processing data passed via the map parameter. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds write and perform a denial of service (DoS) attack. MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) XML External Entity injection
EUVDB-ID: #VU79749
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46751
CWE-ID:
CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Uncontrolled Recursion
EUVDB-ID: #VU75431
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1436
CWE-ID:
CWE-674 - Uncontrolled Recursion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Incorrect default permissions
EUVDB-ID: #VU77107
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2976
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions in com.google.common.io.FileBackedOutputStream. A local user with access to the system can view contents of files and directories or modify them.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Open redirect
EUVDB-ID: #VU85369
Risk: Low
CVSSv3.1: 3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-26159
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data within the url.parse() function. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Improper Neutralization of HTTP Headers for Scripting Syntax
EUVDB-ID: #VU78327
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29406
CWE-ID:
CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper input validation in HTTP/1 client when handling HTTP Host header. A remote non-authenticated attacker can send a specially crafted HTTP request with a maliciously crafted Host header and inject additional headers or entire requests.
Successful exploitation of the vulnerability may allow an attacker to perform cross-site scripting, cache poisoning or session hijacking attacks.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Improper Certificate Validation
EUVDB-ID: #VU78913
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29409
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to verifying certificate chains containing large RSA keys is slow. A remote attacker can cause a client/server to expend significant CPU time verifying signatures.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Improper input validation
EUVDB-ID: #VU82122
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-35116
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform service disruption.
The vulnerability exists due to improper input validation within the Oracle Database Fleet Patching and Provisioning (jackson-databind) in Oracle Database Server. A remote authenticated user can exploit this vulnerability to perform service disruption.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Path traversal
EUVDB-ID: #VU67583
Risk: High
CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2007-4559
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The
vulnerability exists due to improper validation of filenames in the
tarfile module in Python. A remote attacker can
create a specially crafted archive with symbolic links inside or
filenames that contain directory traversal characters (e.g. "..") and
overwrite arbitrary files on the system.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
41) Infinite loop
EUVDB-ID: #VU79113
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3468
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work() function. A local user can consume all available system resources and cause denial of service conditions.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Reachable Assertion
EUVDB-ID: #VU83306
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3502
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion within the avahi_s_host_name_resolver_start function. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Time-of-check Time-of-use (TOCTOU) Race Condition
EUVDB-ID: #VU79522
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35937
CWE-ID:
CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to escalate privileges on the system.
The vulnerability exist due to race condition. A local privileged user can bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Link following
EUVDB-ID: #VU79523
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-35939
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to escalate privileges on the system.
The vulnerability exist due to fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local privileged user who owns another ancestor directory could potentially use this flaw to gain root privileges.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Observable discrepancy
EUVDB-ID: #VU84568
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6135
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a side-channel attack in multiple NSS NIST curves, known as "Minerva". A remote attacker can recover the private key and decrypt data passed between server and client.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Integer overflow
EUVDB-ID: #VU63553
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-43618
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in mpz/inp_raw.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Integer overflow
EUVDB-ID: #VU71752
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-24963
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the apr_encode() function. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Out-of-bounds write
EUVDB-ID: #VU69176
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-44638
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the rasterize_edges_8() function. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Input validation error
EUVDB-ID: #VU75444
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1981
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A local user can initiate a DBUS call to the daemon and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) NULL pointer dereference
EUVDB-ID: #VU79568
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2731
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the LZWDecode() function in the libtiff/tif_lzw.c. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Out-of-bounds write
EUVDB-ID: #VU77450
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3138
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within src/InitExt.c in libX11. A remote attacker can send specially crafted data to the server, trigger an out-of-bounds write and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) NULL pointer dereference
EUVDB-ID: #VU78288
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3316
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the TIFFClose() function. A remote attacker can pass specially TIFf file to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Memory leak
EUVDB-ID: #VU78727
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3576
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in tools/tiffcrop.c when handling TIFF files. A remote attacker can force the application to leak memory and perform denial of service attack.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Out-of-bounds write
EUVDB-ID: #VU79561
Risk: High
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-4016
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when processing untrusted input. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Information disclosure
EUVDB-ID: #VU80801
Risk: Low
CVSSv3.1: 3.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-4641
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an error in gpasswd(1), which fails to clean memory properly. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. A local user with enough access can retrieve the password from the memory.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Cryptographic issues
EUVDB-ID: #VU82349
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-5363
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an error when processing key and initialisation vector lengths in EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() function. A remote attacker can gain access to potentially sensitive information.
The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.
Install updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Security features bypass
EUVDB-ID: #VU83441
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-5557
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A malicious file can execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Information Exposure Through Timing Discrepancy
EUVDB-ID: #VU83316
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-5981
CWE-ID:
CWE-208 - Information Exposure Through Timing Discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform timing attack.
The vulnerability exists due to the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. A remote attacker can perform timing sidechannel attack in RSA-PSK key exchange.
MitigationInstall updates from vendor's website.
Red Hat Migration Toolkit for Applications: before 6.2
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:1027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
