Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2021-20285 | Out-of-bounds Write vulnerability in UPX Project UPX 3.96 A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. | 8.3 |
| 2021-03-26 | CVE-2021-20284 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. | 5.5 |
| 2021-03-26 | CVE-2021-20271 | Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in RPM's signature check functionality when reading a package file. | 7.0 |
| 2021-03-26 | CVE-2021-20197 | Link Following vulnerability in multiple products There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. | 6.3 |
| 2021-03-26 | CVE-2021-20193 | Memory Leak vulnerability in GNU TAR A flaw was found in the src/list.c of tar 1.33 and earlier. | 5.5 |
| 2021-03-26 | CVE-2021-1629 | Open Redirect vulnerability in Tableau Server Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users. | 5.8 |
| 2021-03-26 | CVE-2021-1628 | XXE vulnerability in Salesforce Mule MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. | 7.5 |
| 2021-03-26 | CVE-2021-1627 | Server-Side Request Forgery (SSRF) vulnerability in Salesforce Mule MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. | 7.5 |
| 2021-03-26 | CVE-2021-1626 | Unspecified vulnerability in Salesforce Mule MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. | 7.5 |
| 2021-03-26 | CVE-2020-35518 | Information Exposure Through Discrepancy vulnerability in Redhat 389 Directory Server When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. | 5.0 |