VYPR

rpm package

almalinux/pki-tools

pkg:rpm/almalinux/pki-tools

Vulnerabilities (2)

  • CVE-2021-4213Aug 24, 2022
    affected < 10.12.0-2.module_el8.6.0+2764+9fc58d50fixed 10.12.0-2.module_el8.6.0+2764+9fc58d50

    A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

  • CVE-2022-2414Jul 29, 2022
    affected < 11.0.6-2.el9_0fixed 11.0.6-2.el9_0

    Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.