Bitnami package
powershell
pkg:bitnami/powershell
Vulnerabilities (25)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-43896 | — | >= 7.2.0, < 7.2.1 | 7.2.1 | Dec 15, 2021 | Microsoft PowerShell Spoofing Vulnerability | ||
| CVE-2021-41355 | — | >= 7.1.0, < 7.1.5 | 7.1.5 | Oct 13, 2021 | .NET Core and Visual Studio Information Disclosure Vulnerability | ||
| CVE-2020-8927 | — | >= 7.0.0, < 7.0.9 | 7.0.9 | Sep 15, 2020 | A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to upda | ||
| CVE-2020-0951 | — | >= 7.0.0, < 7.0.8 | 7.0.8 | Sep 11, 2020 | A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.</p | ||
| CVE-2020-1108 | — | >= 7.0.0, <= 7.0.0 | — | May 21, 2020 | A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. |
- CVE-2021-43896Dec 15, 2021affected >= 7.2.0, < 7.2.1fixed 7.2.1
Microsoft PowerShell Spoofing Vulnerability
- CVE-2021-41355Oct 13, 2021affected >= 7.1.0, < 7.1.5fixed 7.1.5
.NET Core and Visual Studio Information Disclosure Vulnerability
- CVE-2020-8927Sep 15, 2020affected >= 7.0.0, < 7.0.9fixed 7.0.9
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to upda
- CVE-2020-0951Sep 11, 2020affected >= 7.0.0, < 7.0.8fixed 7.0.8
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.</p
- CVE-2020-1108May 21, 2020affected >= 7.0.0, <= 7.0.0
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
Page 2 of 2