Product:

Http_server

(Oracle)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 98
Date Id Summary Products Score Patch Annotated
2021-12-13 CVE-2021-43818 lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. Debian_linux, Fedora, Lxml, Hci_storage_node_firmware, Solidfire, Solidfire_enterprise_sds, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy, Http_server, Zfs_storage_appliance_kit 7.1
2021-10-27 CVE-2021-25219 In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may... Debian_linux, Fedora, Bind, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Http_server, Zfs_storage_appliance_kit, Sinec_infrastructure_network_services 5.3
2021-08-23 CVE-2021-35940 An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. Portable_runtime, Http_server 7.1
2022-06-01 CVE-2020-26184 Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate Validation vulnerability. Bsafe_micro\-Edition\-Suite, Http_server, Security_service, Weblogic_server_proxy_plug\-In 7.5
2022-06-01 CVE-2020-26185 Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability. Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In 7.5
2022-07-11 CVE-2020-29506 Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In 9.8
2022-07-11 CVE-2020-29507 Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In 9.8
2022-07-11 CVE-2020-29508 Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability. Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In 9.8
2022-07-11 CVE-2020-35163 Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability. Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In 9.8
2022-02-09 CVE-2022-0391 A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. Fedora, Active_iq_unified_manager, Hci, Hci_compute_node, Management_services_for_element_software, Ontap_select_deploy_administration_utility, Solidfire\,_enterprise_sds_\&_hci_storage_node, Http_server, Zfs_storage_appliance_kit, Python 7.5