FKIE_CVE-2024-1394

Vulnerability from fkie_nvd - Published: 2024-03-21 13:00 - Updated: 2025-05-13 09:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.
References
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1462
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1468
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1472
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1501
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1502
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1561
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1563
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1566
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1567
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1574
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1640
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1644
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1646
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1763
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:1897
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:2562
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:2568
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:2569
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:2729
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:2730
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:2767
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:3265
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:3352
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4146
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4371
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4378
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4379
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4502
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4581
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4591
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4672
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4699
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4761
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4762
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:4960
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:5258
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:5634
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2024:7262
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:7118
secalert@redhat.comhttps://access.redhat.com/security/cve/CVE-2024-1394
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2262921
secalert@redhat.comhttps://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136
secalert@redhat.comhttps://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6
secalert@redhat.comhttps://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f
secalert@redhat.comhttps://pkg.go.dev/vuln/GO-2024-2660
secalert@redhat.comhttps://vuln.go.dev/ID/GO-2024-2660.json
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1462
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1468
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1472
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1501
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1502
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1561
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1563
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1566
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1567
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1574
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1640
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1644
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1646
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1763
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:1897
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:2562
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:2568
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:2569
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:2729
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:2730
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:2767
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:3265
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:3352
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4146
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4371
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4378
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4379
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4502
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4581
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4591
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4672
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4699
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4761
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2024:4762
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/security/cve/CVE-2024-1394
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=2262921
af854a3a-2127-422b-91ae-364da2661108https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136
af854a3a-2127-422b-91ae-364da2661108https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6
af854a3a-2127-422b-91ae-364da2661108https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f
af854a3a-2127-422b-91ae-364da2661108https://pkg.go.dev/vuln/GO-2024-2660
af854a3a-2127-422b-91ae-364da2661108https://vuln.go.dev/ID/GO-2024-2660.json
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla de p\u00e9rdida de memoria en Golang en el c\u00f3digo de cifrado/descifrado RSA, lo que podr\u00eda conducir a una vulnerabilidad de agotamiento de recursos mediante entradas controladas por el atacante. La p\u00e9rdida de memoria ocurre en github.com/golang-fips/openssl/openssl/rsa.go#L113. Los objetos filtrados son pkey? y ctx?. Esa funci\u00f3n utiliza par\u00e1metros de retorno con nombre para liberar pkey? y ctx? si hay un error al inicializar el contexto o al configurar las diferentes propiedades. Todas las declaraciones de devoluci\u00f3n relacionadas con casos de error siguen el patr\u00f3n \"return nil, nil, fail(...)\", lo que significa que pkey? y ctx? ser\u00e1n nulos dentro de la funci\u00f3n diferida que deber\u00eda liberarlos."
    }
  ],
  "id": "CVE-2024-1394",
  "lastModified": "2025-05-13T09:15:19.360",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-21T13:00:08.037",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1462"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1468"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1472"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1501"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1502"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1561"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1563"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1566"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1567"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1574"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1640"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1644"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1646"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1763"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:1897"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:2562"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:2568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:2569"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:2729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:2730"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:2767"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:3265"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:3352"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4146"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4371"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4378"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4379"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4502"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4581"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4591"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4672"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4699"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4761"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4762"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:4960"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:5258"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:5634"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:7262"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:7118"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-1394"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262921"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://pkg.go.dev/vuln/GO-2024-2660"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://vuln.go.dev/ID/GO-2024-2660.json"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1462"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1561"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1563"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1567"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:1897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:2562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:2568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:2569"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:2729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:2730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:2767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:3265"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:3352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4371"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4379"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4672"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2024:4762"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/security/cve/CVE-2024-1394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://pkg.go.dev/vuln/GO-2024-2660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://vuln.go.dev/ID/GO-2024-2660.json"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.