MEDIUM🇵🇱 Wersja polska

CVE-2019-10153

CVSS 5.0v3.1pub. 2019-07-30upd. 2024-11-21

A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  • Clusterlabs Fence Agents

    APP
    Clusterlabs
    < 4.3.4
  • Red Hat Enterprise Linux

    OS
    Redhat
    8.0
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    7.0
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2019-5544CRITICAL9.8⚠ KEVten sam produkt

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...

CVE-2018-14667CRITICAL9.8⚠ KEVten sam produkt

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...

CVE-2016-4171CRITICAL9.8⚠ KEVten sam produkt

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...