rpm package
almalinux/pki-symkey
pkg:rpm/almalinux/pki-symkey
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-4213 | — | < 10.12.0-2.module_el8.6.0+2764+9fc58d50 | 10.12.0-2.module_el8.6.0+2764+9fc58d50 | Aug 24, 2022 | A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service. | ||
| CVE-2022-2414 | — | < 11.0.6-2.el9_0 | 11.0.6-2.el9_0 | Jul 29, 2022 | Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. |
- CVE-2021-4213Aug 24, 2022affected < 10.12.0-2.module_el8.6.0+2764+9fc58d50fixed 10.12.0-2.module_el8.6.0+2764+9fc58d50
A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.
- CVE-2022-2414Jul 29, 2022affected < 11.0.6-2.el9_0fixed 11.0.6-2.el9_0
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.