rpm package
suse/keepalived&distro=SUSE Linux Enterprise High Availability Extension 15 SP3
pkg:rpm/suse/keepalived&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41184 | Cri | 9.8 | < 2.0.19-150100.3.9.1 | 2.0.19-150100.3.9.1 | Jul 18, 2024 | In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. | |
| CVE-2021-44225 | — | < 2.0.19-150100.3.6.1 | 2.0.19-150100.3.6.1 | Nov 26, 2021 | In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writab |
- affected < 2.0.19-150100.3.9.1fixed 2.0.19-150100.3.9.1
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user.
- CVE-2021-44225Nov 26, 2021affected < 2.0.19-150100.3.6.1fixed 2.0.19-150100.3.6.1
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writab