VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221826 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2020-25658 redhat_vex python-rsa: bleichenbacher timing oracle attack against RSA decryption fixed: 6 known affected: 5 known not affected: 1492 2026-07-03T02:07:58+00:00 Vulnerability · Source
CVE-2020-13529 redhat_vex systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured fixed: 222 known affected: 29 known not affected: 40 2026-07-03T02:07:57+00:00 Vulnerability · Source
CVE-2020-11022 redhat_vex jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method fixed: 465 known affected: 142 known not affected: 808 2026-07-03T02:07:54+00:00 Vulnerability · Source
CVE-2020-1747 redhat_vex PyYAML: arbitrary command execution through python/object/new when FullLoader is used fixed: 221 known affected: 2 known not affected: 16 2026-07-03T02:07:49+00:00 Vulnerability · Source
CVE-2021-41099 redhat_vex redis: Integer overflow issue with strings fixed: 107 known affected: 1 known not affected: 146 2026-07-03T02:07:45+00:00 Vulnerability · Source
CVE-2021-32765 redhat_vex hiredis: an integer overflow may occur if provided maliciously crafted or corrupted RESP mult-bulk protocol data known not affected: 2 2026-07-03T02:07:44+00:00 Vulnerability · Source
CVE-2021-32687 redhat_vex redis: Integer overflow issue with intsets fixed: 107 known not affected: 147 2026-07-03T02:07:40+00:00 Vulnerability · Source
CVE-2021-32675 redhat_vex redis: Denial of service via Redis Standard Protocol (RESP) request fixed: 107 known not affected: 147 2026-07-03T02:07:39+00:00 Vulnerability · Source
CVE-2021-32628 redhat_vex redis: Integer overflow bug in the ziplist data structure fixed: 107 known not affected: 147 2026-07-03T02:07:35+00:00 Vulnerability · Source
CVE-2021-32627 redhat_vex redis: Integer overflow issue with Streams fixed: 107 known not affected: 147 2026-07-03T02:07:34+00:00 Vulnerability · Source
CVE-2021-32626 redhat_vex redis: Lua scripts can overflow the heap-based Lua stack fixed: 107 known affected: 1 known not affected: 146 2026-07-03T02:07:31+00:00 Vulnerability · Source
CVE-2021-25741 redhat_vex kubernetes: Symlink exchange can allow host filesystem access fixed: 42 known affected: 1 known not affected: 78 2026-07-03T02:07:30+00:00 Vulnerability · Source
CVE-2021-23358 redhat_vex nodejs-underscore: Arbitrary code execution via the template function fixed: 275 known affected: 55 known not affected: 115 2026-07-03T02:07:29+00:00 Vulnerability · Source
CVE-2019-16789 redhat_vex waitress: HTTP Request Smuggling through Invalid whitespace characters in headers fixed: 13 known affected: 7 2026-07-03T02:07:20+00:00 Vulnerability · Source
CVE-2019-16786 redhat_vex waitress: HTTP request smuggling through invalid Transfer-Encoding fixed: 13 known affected: 7 2026-07-03T02:07:16+00:00 Vulnerability · Source
CVE-2019-3866 redhat_vex openstack-mistral: information disclosure in mistral log fixed: 20 known affected: 33 known not affected: 2611 2026-07-03T02:07:15+00:00 Vulnerability · Source
CVE-2019-16785 redhat_vex waitress: HTTP request smuggling through LF vs CRLF handling fixed: 13 known affected: 7 2026-07-03T02:07:15+00:00 Vulnerability · Source
CVE-2024-43168 redhat_vex unbound: Heap-Buffer-Overflow in Unbound known affected: 33 known not affected: 2 2026-07-03T02:01:16+00:00 Vulnerability · Source
CVE-2024-43167 redhat_vex unbound: NULL Pointer Dereference in Unbound known affected: 31 known not affected: 2 2026-07-03T02:01:15+00:00 Vulnerability · Source
CVE-2024-32021 redhat_vex git: symlink bypass fixed: 153 known affected: 67 2026-07-03T02:01:12+00:00 Vulnerability · Source
CVE-2024-32020 redhat_vex git: insecure hardlinks fixed: 153 known affected: 67 2026-07-03T02:01:10+00:00 Vulnerability · Source
CVE-2024-9683 redhat_vex quay: Quay allows successful authentication with trucated version of the password known affected: 1 2026-07-03T02:01:07+00:00 Vulnerability · Source
CVE-2023-45145 redhat_vex redis: possible bypass of Unix socket permissions on startup fixed: 57 known affected: 2 known not affected: 7 2026-07-03T02:01:06+00:00 Vulnerability · Source
CVE-2023-6228 redhat_vex libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c fixed: 84 known affected: 13 2026-07-03T02:01:03+00:00 Vulnerability · Source
CVE-2023-5752 redhat_vex pip: Mercurial configuration injectable in repo revision when installing via pip fixed: 8 known affected: 5 known not affected: 294 2026-07-03T02:01:02+00:00 Vulnerability · Source
CVE-2023-4956 redhat_vex quay: Clickjacking on config-editor page Severity known affected: 1 2026-07-03T02:00:57+00:00 Vulnerability · Source
CVE-2023-2908 redhat_vex libtiff: null pointer dereference in tif_dir.c known not affected: 21 2026-07-03T02:00:56+00:00 Vulnerability · Source
CVE-2023-25588 redhat_vex binutils: Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab` known affected: 15 known not affected: 7 2026-07-03T02:00:54+00:00 Vulnerability · Source
CVE-2023-25586 redhat_vex binutils: Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized known not affected: 41 2026-07-03T02:00:52+00:00 Vulnerability · Source
CVE-2023-25585 redhat_vex binutils: Field `file_table` of `struct module *module` is uninitialized known affected: 15 known not affected: 7 2026-07-03T02:00:49+00:00 Vulnerability · Source
CVE-2023-23934 redhat_vex python-werkzeug: cookie prefixed with = can shadow unprefixed cookie fixed: 500 known affected: 21 2026-07-03T02:00:47+00:00 Vulnerability · Source
CVE-2023-0512 redhat_vex vim: divide by zero in adjust_skipcol() at move.ca known affected: 24 2026-07-03T02:00:46+00:00 Vulnerability · Source
CVE-2022-24859 redhat_vex PyPDF2: infinite loop vulnerability known affected: 1 2026-07-03T02:00:44+00:00 Vulnerability · Source
CVE-2022-24736 redhat_vex redis: Malformed Lua script can crash Redis fixed: 39 known affected: 15 2026-07-03T02:00:39+00:00 Vulnerability · Source
CVE-2022-24735 redhat_vex redis: Code injection via Lua script execution environment fixed: 39 known affected: 15 2026-07-03T02:00:37+00:00 Vulnerability · Source
CVE-2022-3647 redhat_vex redis: crash in sigsegvHandler debug function known affected: 21 2026-07-03T02:00:35+00:00 Vulnerability · Source
CVE-2022-3491 redhat_vex vim: Heap-based Buffer Overflow prior to 9.0.0742 known not affected: 24 2026-07-03T02:00:33+00:00 Vulnerability · Source
CVE-2022-1056 redhat_vex libtiff: heap-based buffer overflow in _TIFFmemcpy() in tif_unix.c known affected: 21 2026-07-03T02:00:32+00:00 Vulnerability · Source
CVE-2024-45296 redhat_vex path-to-regexp: Backtracking regular expressions cause ReDoS fixed: 869 known affected: 39 known not affected: 2095 2026-07-03T01:55:17+00:00 Vulnerability · Source
CVE-2024-43800 redhat_vex serve-static: Improper Sanitization in serve-static fixed: 284 known affected: 38 known not affected: 833 2026-07-03T01:55:11+00:00 Vulnerability · Source
CVE-2024-43799 redhat_vex send: Code Execution Vulnerability in Send Library fixed: 278 known affected: 35 known not affected: 840 2026-07-03T01:55:10+00:00 Vulnerability · Source
CVE-2024-43796 redhat_vex express: Improper Input Handling in Express Redirects fixed: 215 known affected: 42 known not affected: 851 2026-07-03T01:55:01+00:00 Vulnerability · Source
CVE-2024-43788 redhat_vex webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule fixed: 184 known affected: 41 known not affected: 327 2026-07-03T01:54:58+00:00 Vulnerability · Source
CVE-2024-42353 redhat_vex webob: WebOb's location header normalization during redirect leads to open redirect fixed: 519 known affected: 10 known not affected: 1699 2026-07-03T01:54:51+00:00 Vulnerability · Source
CVE-2024-37890 redhat_vex nodejs-ws: denial of service when handling a request with many HTTP headers fixed: 22 known affected: 37 known not affected: 623 under investigation: 46 2026-07-03T01:54:47+00:00 Vulnerability · Source
CVE-2024-37891 redhat_vex urllib3: proxy-authorization request header is not stripped during cross-origin redirects fixed: 1571 known affected: 34 known not affected: 3759 2026-07-03T01:54:47+00:00 Vulnerability · Source
CVE-2024-37371 redhat_vex krb5: GSS message token handling fixed: 1014 known affected: 10 known not affected: 66 2026-07-03T01:54:40+00:00 Vulnerability · Source
CVE-2024-37370 redhat_vex krb5: GSS message token handling fixed: 858 known affected: 9 known not affected: 49 2026-07-03T01:54:35+00:00 Vulnerability · Source
CVE-2024-35195 redhat_vex requests: subsequent requests to the same host ignore cert verification fixed: 205 known affected: 30 known not affected: 622 2026-07-03T01:54:31+00:00 Vulnerability · Source
CVE-2024-34062 redhat_vex python-tqdm: non-boolean CLI arguments may lead to local code execution known affected: 1 known not affected: 2 2026-07-03T01:54:29+00:00 Vulnerability · Source