IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server SSL key which could allow a local user to decrypt and obtain sensitive information. The vulnerability does not exist if SSL / TLS encryption is used. It is possible for a well-placed attacker to predict the output of this random number generator, which could lead to an attacker decrypting traffic between the driver and the database server. When using Oracle Advanced Security (OAS) encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses an insecure random number generator to generate the private key. Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.Īn issue was discovered in Progress DataDirect Connect for ODBC before for Oracle. This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.Ī double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3.
This issue affects Juniper Networks Junos OS on SRX Series: 22.2 versions prior to 22.2R3 22.3 versions prior to 22.3R2-S1, 22.3R3 22.4 versions prior to 22.4R1-S2, 22.4R2. Other products, platforms, and configurations are not affected by this vulnerability. The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Service restoration is only possible by rebooting the system. An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition.
0 kommentar(er)
