New Alerts for Apache Tomcat, NetApp, F5, HPE, and Linux.
Apache
Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.
More info.
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 8.8
No patches yet.
More info.
Traffix SDC contains a vulnerability that allows a remote attacker to inject additional attributes into elements and perform XSS attacks, potentially leading to unauthorized actions or information disclosure. CVSSv3 score of 5.4.
More info.
BIG-IP Next products contain a vulnerability that allows a remote attacker to cause a DoS. Highest CVSSv3 score of 5.9
No patches.
More info.
A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a CSRF in the login flow. CVSSv3 score of 4.3
More info.
SUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Amazon Linux 2 has updated the kernel. More info.
Comments