A vulnerability classified as problematic has been found in ARM mbed TLS up to 2.7.16 LTS/2.16.7 LTS/2.23.x. This affects the function mbedtls_ssl_read
of the component Plaintext Buffer Handler. Upgrading to version 2.7.17 LTS, 2.16.8 LTS or 2.24.0 eliminates this vulnerability. The upgrade is hosted for download at github.com.
ARM mbed TLS up to 2.7.16 LTS/2.16.7 LTS/2.23.x Plaintext Buffer mbedtls_ssl_read information disclosure
- Virtual Patching
- August 23, 2021
- 9:04 am
CVE-2024-20381 : CISCO IOS XR JSON-RPC API IMPROPER AUTHORIZATION
Description A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco
CVE-2024-44466 : COMFAST CF-XR11 2.7.2 HTTP POST REQUEST /USR/BIN/WEBMGNT SUB_424CB4 IFACE COMMAND INJECTION
Description COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt
CVE-2024-45013 : LINUX KERNEL UP TO 6.10.6 NVME_UNINIT_CTRL USE AFTER FREE
Description In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvme_uninit_ctrl() Commit 4733b65d82bd (“nvme: