Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-09 | CVE-2021-43173 | Resource Exhaustion vulnerability in multiple products In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. | 7.5 |
| 2021-11-09 | CVE-2021-43174 | Out-of-bounds Write vulnerability in multiple products NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. | 7.5 |
| 2021-11-09 | CVE-2021-43114 | FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. | 7.5 |
| 2021-11-08 | CVE-2021-41771 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. | 7.5 |
| 2021-11-05 | CVE-2021-35368 | OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname. | 9.8 |
| 2021-11-05 | CVE-2021-3927 | vim is vulnerable to Heap-based Buffer Overflow | 7.8 |
| 2021-11-05 | CVE-2021-3928 | vim is vulnerable to Use of Uninitialized Variable | 7.8 |
| 2021-11-04 | CVE-2021-43400 | Use After Free vulnerability in multiple products An issue was discovered in gatt-database.c in BlueZ 5.61. | 9.1 |
| 2021-11-04 | CVE-2021-43389 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.14.15. | 5.5 |
| 2021-11-03 | CVE-2021-22960 | HTTP Request Smuggling vulnerability in multiple products The parse function in llhttp < 2.1.4 and < 6.0.6. | 6.5 |