VYPR

rpm package

almalinux/keepalived

pkg:rpm/almalinux/keepalived

Vulnerabilities (2)

  • CVE-2024-41184CriJul 18, 2024
    affected < 2.1.5-10.el8_10fixed 2.1.5-10.el8_10

    In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user.

  • CVE-2021-44225Nov 26, 2021
    affected < 2.1.5-8.el8fixed 2.1.5-8.el8

    In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writab