Lucene search
Veracode Vulnerability DatabaseVERACODE:33099HistoryNov 25, 2021 - 3:21 p.m.
Regular Expression Denial Of Service (ReDoS)
2021-11-2515:21:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
xen
redos
denial of service
EPSS
0.003
Percentile
70.0%
Xen is vulnerable to regular expression denial of service (ReDoS) attacks. An attacker is able to manipulate the application by inserting unknown input leads resulting in denial of service conditions.
References
lists.fedoraproject.org/archives/list/[email protected]/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT/
lists.fedoraproject.org/archives/list/[email protected]/message/PXUI4VMD52CH3T7YXAG3J2JW7ZNN3SXF/
secdb.alpinelinux.org/v3.11/main.yaml
secdb.alpinelinux.org/v3.12/main.yaml
www.debian.org/security/2021/dsa-5017
xenbits.xenproject.org/xsa/advisory-385.txt
Related
cvelist
cvelist
CVE-2021-28706
2021-11-24 00:00:00
osv
osv
CVE-2021-28706
2021-11-24 01:15:08
xen - security update
2021-12-05 00:00:00
cve
cve
CVE-2021-28706
2021-11-24 01:15:08
ubuntucve
ubuntucve
CVE-2021-28706
2021-11-24 00:00:00
prion
prion
Input validation
2021-11-24 01:15:00
nvd
nvd
CVE-2021-28706
2021-11-24 01:15:08
debiancve
debiancve
CVE-2021-28706
2021-11-24 01:15:08
xen
xen
guests may exceed their designated memory limit
2021-11-23 12:00:00
nessus
nessus
OracleVM 3.4 : xen (OVMSA-2022-0004)
2022-01-11 00:00:00
OracleVM 3.4 : xen (OVMSA-2022-0003)
2022-01-11 00:00:00
SUSE SLES12 Security Update : xen (SUSE-SU-2021:3813-1)
2021-11-30 00:00:00
openvas
openvas
Fedora: Security Advisory for xen (FEDORA-2021-2b3a2de94f)
2021-12-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3813-1)
2021-11-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3851-1)
2021-12-02 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: xen-4.14.3-3.fc34
2021-12-09 01:35:12
[SECURITY] Fedora 35 Update: xen-4.15.1-4.fc35
2021-12-01 01:21:44
debian
debian
[SECURITY] [DSA 5017-1] xen security update
2021-12-05 11:35:31
suse
suse
Security update for xen (moderate)
2021-12-07 00:00:00
Security update for xen (moderate)
2021-12-06 00:00:00
gentoo
gentoo
Xen: Multiple Vulnerabilities
2024-02-04 00:00:00