When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package.

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-96102 advisory.

  - When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' tar package. (CVE-2021-35517)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive     (CVE-2021-36090)

  - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an     entry can result in an infinite loop. This could be used to mount a denial of service attack against     services that use Compress' sevenz package. (CVE-2021-35515)

  - When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that     finally leads to an out of memory error even for very small inputs. This could be used to mount a denial     of service attack against services that use Compress' sevenz package. (CVE-2021-35516)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive     (CVE-2021-36090)

  - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an     entry can result in an infinite loop. This could be used to mount a denial of service attack against     services that use Compress' sevenz package. (CVE-2021-35515)

  - When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that     finally leads to an out of memory error even for very small inputs. This could be used to mount a denial     of service attack against services that use Compress' sevenz package. (CVE-2021-35516)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory. 
  - Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware (component: Oracle JDeveloper     (Apache Commons Compress)). The supported version that is affected is 12.2.1.4.0. Easily exploitable     vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper.     Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of Oracle JDeveloper. (CVE-2021-36090)

  - Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces (Google Guava)).     The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows low privileged     attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper.     Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access     to critical data or all Oracle JDeveloper accessible data as well as unauthorized access to critical data or     complete access to all Oracle JDeveloper accessible data. (CVE-2023-2976)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5555 advisory.

    The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform     that allows system administrators to view and manage virtual machines. The Manager provides a     comprehensive range of features including search capabilities, resource management, live migrations, and     virtual infrastructure provisioning.

    Security Fix(es):

    * nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)

    * apache-commons-compress: infinite loop when reading a specially crafted 7Z archive (CVE-2021-35515)

    * apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive     (CVE-2021-35516)

    * apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive     (CVE-2021-35517)

    * apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive     (CVE-2021-36090)

    * nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes     (CVE-2021-3807)

    * spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)

    * semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri     encoding (CVE-2022-31051)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    A list of bugs fixed in this update is available in the Technical Notes book:
    https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.277.x prior to 2.277.43.0.3, or 2.x prior to 2.319.1.5. It is, therefore, affected by a multiple vulnerabilities, including the following:

  - When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' tar package. (CVE-2021-35517)

  - jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse     untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an     attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to     complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of     service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may     rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread     watchdogs to cap and timeout parse runtimes. (CVE-2021-37714)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1115-1 advisory.

  - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an     entry can result in an infinite loop. This could be used to mount a denial of service attack against     services that use Compress' sevenz package. (CVE-2021-35515)

  - When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that     finally leads to an out of memory error even for very small inputs. This could be used to mount a denial     of service attack against services that use Compress' sevenz package. (CVE-2021-35516)

  - When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' tar package. (CVE-2021-35517)

  - When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' zip package. (CVE-2021-36090)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2612-1 advisory.

  - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an     entry can result in an infinite loop. This could be used to mount a denial of service attack against     services that use Compress' sevenz package. (CVE-2021-35515)

  - When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that     finally leads to an out of memory error even for very small inputs. This could be used to mount a denial     of service attack against services that use Compress' sevenz package. (CVE-2021-35516)

  - When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' tar package. (CVE-2021-35517)

  - When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' zip package. (CVE-2021-36090)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2612-1 advisory.

  - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an     entry can result in an infinite loop. This could be used to mount a denial of service attack against     services that use Compress' sevenz package. (CVE-2021-35515)

  - When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that     finally leads to an out of memory error even for very small inputs. This could be used to mount a denial     of service attack against services that use Compress' sevenz package. (CVE-2021-35516)

  - When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' tar package. (CVE-2021-35517)

  - When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory     that finally leads to an out of memory error even for very small inputs. This could be used to mount a     denial of service attack against services that use Compress' zip package. (CVE-2021-36090)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
202696	Atlassian Confluence 7.19.23 < 7.19.25 / 8.5.x < 8.5.12 / 8.9.x < 8.9.4 (CONFSERVER-96102)	Nessus	CGI abuses	high
199750	RHEL 7 : apache-commons-compress (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
199734	RHEL 8 : apache-commons-compress (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
189243	Oracle JDeveloper Multiple Vulnerabilities (January 2024 CPU)	Nessus	Misc.	high
163260	RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.1] (RHSA-2022:5555)	Nessus	Red Hat Local Security Checks	high
158092	Jenkins Enterprise and Operations Center < 2.277.43.0.3 / 2.319.1.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-12-01)	Nessus	CGI abuses	high
152463	openSUSE 15 Security Update : apache-commons-compress (openSUSE-SU-2021:1115-1)	Nessus	SuSE Local Security Checks	high
152256	openSUSE 15 Security Update : apache-commons-compress (openSUSE-SU-2021:2612-1)	Nessus	SuSE Local Security Checks	high
152248	SUSE SLED15 / SLES15 Security Update : apache-commons-compress (SUSE-SU-2021:2612-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2021-35517

high

Tenable Plugins

high

high

high

high

high

high

high

high

high