Redhat Virtualization 4.2

CPE Details

Redhat Virtualization 4.2
4.2
2019-05-29
13h31 +00:00
2019-05-29
13h31 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

virtualization

Version

4.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-14287 2019-10-17 15h03 +00:00 In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
8.8
High
CVE-2018-1114 2018-09-11 13h00 +00:00 It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
6.5
Medium
CVE-2018-10237 2018-04-26 19h00 +00:00 Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.
5.9
Medium