#dos

Gentoo Linux Security Advisory 202305-22 - Multiple vulnerabilities have been discovered in ISC DHCP, the worst of which could result in denial of service. Versions less than 4.4.3_p1 are affected.

Gentoo Linux Security Advisory 202305-20 - A buffer overflow vulnerability has been discovered in libapreq2 which could result in denial of service. Versions less than 2.17 are affected.

Multicluster Engine for Kubernetes 2.0.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

Gentoo Linux Security Advisory 202305-16 - Multiple vulnerabilities have been found in Vim, the worst of which could result in denial of service. Versions less than 9.0.1157 are affected.

Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.

Gentoo Linux Security Advisory 202305-15 - Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service.

Gentoo Linux Security Advisory 202305-11 - Multiple vulnerabilities have been found in Tor, the worst of which could result in denial of service. Versions less than 0.4.7.13 are affected.

Gentoo Linux Security Advisory 202305-9 - A denial of service vulnerability was discovered in rsyslog related to syslog input over the network. Versions less than 3.38.1 are affected.

An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.4 fixes several security and operational bugs, and introduces multiple new features.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40899: An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. * CVE-2023-23969: A flaw was found in python-django. The parsed values of the Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial of service vector via excessive memory usage if large header values are sent. * CVE-2023-24580: A memory exhaustion flaw was found in the python-django package....

Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37533: A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about service...