CVE | Synopsis | Impact (CVSS) | Products | Affects Version | Fix Version | Publish Date |
CVE-2024-21094 CVE-2024-21011 CVE-2024-21068 CVE-2024-21012 |
Update JDK to 17.0.11 The vulnerability allows unauthenticated attackers with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. |
Low (3.7) |
Couchbase Server |
Server 7.6.1, 7.6.0, 7.2.5 7.2.4, 7.2.3, 7.2.2, 7.2.1, 7.2.0, 7.1.x, 7.0.x, 6.x |
Server 7.6.2, 7.2.6 |
August 2024 |
CVE-2016-2183 CVE-2016-6329 |
Cluster management ports vulnerable to SWEET32 Vulnerability. The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. |
High (8.7) |
Couchbase Server |
Server 7.2.5, 7.2.4, 7.2.3, 7.2.2, 7.2.1, 7.2.0, 7.1.x, 7.0.x, 6.x, 5.x 4.x 3.x, 2.x |
Server 7.6.0, 7.2.6 |
August 2024 |
CVE-2024-25673 |
Header Manipulation Vulnerability. The Host header from an incoming HTTP request was blindly copied to the Location header. |
Medium (4.2) |
Couchbase Server |
Server 7.6.1, 7.6.0, 7.2.5, 7.2.4, 7.2.3, 7.2.2, 7.2.1, 7.2.0, 7.1.x, 7.0.x, 6.x, 5.x, 4.x, 3.x, 2.x |
Server 7.6.2, 7.2.6 |
August 2024 |
Comments
0 comments
Please sign in to leave a comment.