xen vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the xen package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • M
Resource Exhaustion

<4.15.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • L
Resource Exhaustion

<4.15.4-r0
  • M
Out-of-Bounds

<4.15.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • M
Memory Leak

<4.15.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • H
Incomplete Cleanup

<4.15.4-r0
  • M
Improper Handling of Exceptional Conditions

<4.15.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • M
Memory Leak

<4.15.4-r0
  • M
Resource Exhaustion

<4.15.4-r0
  • H
CVE-2022-33743

<4.15.4-r0
  • M
Memory Leak

<4.15.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.15.4-r0
  • M
Memory Leak

<4.15.4-r0
  • M
Incomplete Cleanup

<4.15.4-r0
  • M
Uncontrolled Recursion

<4.15.4-r0
  • H
CVE-2022-42327

<4.15.4-r0
  • M
CVE-2022-33744

<4.15.4-r0
  • M
Memory Leak

<4.15.4-r0
  • M
CVE-2022-23824

<4.15.4-r0
  • H
Release of Invalid Pointer or Reference

<4.15.4-r0
  • H
CVE-2022-33745

<4.15.3-r2
  • M
Exposure of Resource to Wrong Sphere

<4.15.3-r1
  • L
CVE-2022-23816

<4.15.3-r1
  • M
Information Exposure

<4.15.3-r1
  • H
Information Exposure

<4.15.3-r0
  • H
Information Exposure

<4.15.3-r0
  • H
Information Exposure

<4.15.3-r0
  • H
Information Exposure

<4.15.3-r0
  • M
Incomplete Cleanup

<4.15.2-r2
  • M
Incomplete Cleanup

<4.15.2-r2
  • M
Incomplete Cleanup

<4.15.2-r2
  • M
CVE-2022-26363

<4.15.2-r1
  • M
CVE-2022-26364

<4.15.2-r1
  • M
Race Condition

<4.15.2-r1
  • H
CVE-2022-26359

<4.15.2-r2
  • L
XSA-398

<4.15.2-r2
  • H
CVE-2022-26360

<4.15.2-r2
  • M
Missing Release of Resource after Effective Lifetime

<4.15.2-r2
  • H
CVE-2022-26361

<4.15.2-r2
  • H
Incorrect Authorization

<4.15.2-r0
  • H
Race Condition

<4.15.2-r2
  • M
Integer Underflow

<4.15.2-r0
  • H
Allocation of Resources Without Limits or Throttling

<4.15.2-r0
  • M
Incomplete Cleanup

<4.15.2-r0
  • H
CVE-2022-26358

<4.15.2-r2
  • M
Out-of-Bounds

<4.10.0-r1
  • H
Improper Handling of Exceptional Conditions

<4.15.1-r2
  • H
CVE-2021-28703

<4.15.2-r0
  • H
Arbitrary Command Injection

<4.15.1-r2
  • H
Arbitrary Command Injection

<4.15.1-r2
  • H
Improper Handling of Exceptional Conditions

<4.15.1-r2
  • H
Arbitrary Command Injection

<4.15.1-r2
  • H
Improper Privilege Management

<4.15.1-r1
  • H
Improper Privilege Management

<4.15.1-r1
  • H
Race Condition

<4.15.0-r3
  • M
Allocation of Resources Without Limits or Throttling

<4.15.0-r2
  • H
Race Condition

<4.15.0-r2
  • M
CVE-2021-28694

<4.15.0-r2
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.15.0-r2
  • M
CVE-2021-28699

<4.15.0-r2
  • M
CVE-2021-28695

<4.15.0-r2
  • M
Incorrect Authorization

<4.15.0-r2
  • M
CVE-2021-28690

<4.15.0-r1
  • M
Information Exposure

<4.15.0-r1
  • H
Improper Privilege Management

<4.15.0-r1
  • M
CVE-2021-28693

<4.15.0-r1
  • M
Missing Initialization of Resource

<4.15.0-r0
  • M
CVE-2021-26933

<4.14.1-r3
  • M
CVE-2021-3308

<4.14.1-r2
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • H
Insufficient Verification of Data Authenticity

<4.14.0-r2
  • H
CVE-2020-27671

<4.14.0-r2
  • H
Race Condition

<4.14.0-r2
  • M
Out-of-bounds Write

<4.14.0-r2
  • H
Out-of-bounds Write

<4.14.0-r3
  • M
NULL Pointer Dereference

<4.14.1-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • H
Missing Authorization

<4.14.1-r0
  • M
Use After Free

<4.14.1-r0
  • M
Memory Leak

<4.14.1-r0
  • M
Uncontrolled Recursion

<4.14.1-r0
  • M
NULL Pointer Dereference

<4.14.1-r0
  • L
Missing Authorization

<4.14.1-r0
  • H
Improper Privilege Management

<4.14.1-r0
  • M
Untrusted Search Path

<4.14.1-r0
  • M
Missing Authorization

<4.14.0-r2
  • L
XSA-312

<4.13.1-r0
  • M
CVE-2020-25601

<4.14.0-r1
  • M
Out-of-bounds Write

<4.14.0-r1
  • H
Out-of-Bounds

<4.14.0-r1
  • M
Arbitrary Code Injection

<4.14.0-r1
  • H
Always-Incorrect Control Flow Implementation

<4.14.0-r1
  • M
Out-of-Bounds

<4.14.0-r1
  • H
Improper Privilege Management

<4.14.0-r1
  • M
Race Condition

<4.14.0-r1
  • M
Always-Incorrect Control Flow Implementation

<4.14.0-r1
  • M
Improper Handling of Exceptional Conditions

<4.14.0-r1
  • M
Out-of-bounds Read

<4.13.1-r5
  • M
Improper Check for Unusual or Exceptional Conditions

<4.13.1-r4
  • M
Out-of-Bounds

<4.13.1-r4
  • H
Resource Exhaustion

<4.13.1-r4
  • M
Out-of-Bounds

<4.13.1-r4
  • H
Race Condition

<4.13.1-r4
  • M
Improper Input Validation

<4.13.0-r0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.13.0-r0
  • H
CVE-2019-19583

<4.13.0-r0
  • H
Incorrect Calculation

<4.13.0-r0
  • M
Race Condition

<4.13.0-r0
  • H
Memory Leak

<4.13.0-r0
  • C
Improper Privilege Management

<4.13.0-r0
  • H
Race Condition

<4.13.0-r0
  • H
Off-by-one Error

<4.13.0-r0
  • M
OS Command Injection

<4.13.0-r0
  • H
Incorrect Permission Assignment for Critical Resource

<4.13.0-r0
  • M
Improper Input Validation

<4.13.0-r0
  • M
CVE-2019-11135

<4.13.0-r0
  • M
Improper Cross-boundary Removal of Sensitive Data

<4.13.0-r3
  • H
Race Condition

<4.13.0-r3
  • M
Improper Handling of Exceptional Conditions

<4.13.0-r3
  • M
CVE-2020-11742

<4.13.0-r3
  • M
Incomplete Cleanup

<4.13.1-r3
  • H
Out-of-bounds Read

<4.9.0-r4
  • M
NULL Pointer Dereference

<4.9.0-r4
  • M
Race Condition

<4.9.0-r4
  • H
CVE-2017-14319

<4.9.0-r4
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.12.1-r0
  • H
CVE-2017-8903

<4.8.1-r2
  • M
Information Exposure

<4.11.0-r0
  • H
CVE-2017-8904

<4.8.1-r2
  • M
CVE-2018-12893

<4.11.0-r0
  • M
Information Exposure

<4.12.0-r2
  • C
Information Exposure

<4.11.0-r0
  • M
Information Exposure

<4.12.0-r2
  • M
Information Exposure

<4.11.0-r0
  • M
Information Exposure

<4.12.0-r2
  • H
Access Restriction Bypass

<4.7.1-r1
  • M
CVE-2019-11091

<4.12.0-r2
  • H
Access Restriction Bypass

<4.7.1-r1
  • M
Improper Input Validation

<4.7.1-r1
  • M
Information Exposure

<4.7.1-r1
  • H
Improper Input Validation

<4.7.1-r1
  • M
Incorrect Calculation

<4.7.1-r1
  • M
Improper Access Control

<4.7.1-r1
  • H
Race Condition

<4.7.1-r1
  • H
Improper Input Validation

<4.7.1-r1
  • H
Improper Access Control

<4.7.0-r0
  • H
CVE-2017-15590

<4.9.0-r6
  • H
Improper Input Validation

<4.7.1-r1
  • M
Improper Input Validation

<4.7.0-r0
  • L
Information Exposure

<4.7.1-r3
  • M
Resource Exhaustion

<4.7.0-r0
  • M
Information Exposure

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • H
Resource Exhaustion

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • H
Race Condition

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • M
Missing Release of Resource after Effective Lifetime

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • H
Exposure of Resource to Wrong Sphere

<4.9.0-r6
  • M
Race Condition

<4.7.0-r5
  • H
CVE-2017-15594

<4.9.0-r6
  • M
Resource Exhaustion

<4.11.1-r0
  • M
Incorrect Authorization

<4.11.1-r0
  • M
Resource Exhaustion

<4.11.1-r0
  • C
Out-of-Bounds

<4.9.0-r7
  • M
Information Exposure

<4.11.1-r0
  • C
Out-of-Bounds

<4.7.2-r0
  • M
CVE-2018-3646

<4.11.1-r0
  • H
Improper Validation of Array Index

<4.7.2-r0
  • M
Resource Exhaustion

<4.10.0-r2
  • H
Incomplete Cleanup

<4.11.1-r0
  • M
Improper Input Validation

<4.7.1-r4
  • H
CVE-2018-7541

<4.10.0-r2
  • H
Information Exposure

<4.11.1-r0
  • M
NULL Pointer Dereference

<4.7.1-r4
  • M
NULL Pointer Dereference

<4.10.0-r2
  • H
Reachable Assertion

<4.11.1-r0
  • H
Access Restriction Bypass

<4.7.1-r4
  • M
CVE-2018-19964

<4.11.1-r0
  • H
NULL Pointer Dereference

<4.11.1-r0
  • M
CVE-2018-19965

<4.11.1-r0
  • H
Interpretation Conflict

<4.11.1-r0
  • M
Improper Input Validation

<4.11.1-r0
  • C
Out-of-bounds Read

<4.7.1-r5
  • C
Out-of-bounds Read

<4.7.1-r5
  • M
Information Exposure

<4.10.1-r0
  • M
Out-of-bounds Write

<4.10.1-r0
  • M
Information Exposure

<4.9.0-r0
  • C
CVE-2017-10912

<4.9.0-r0
  • C
CVE-2017-10913

<4.9.0-r0
  • H
Race Condition

<4.9.0-r0
  • C
Race Condition

<4.9.0-r0
  • H
Information Exposure

<4.9.0-r0
  • C
NULL Pointer Dereference

<4.9.0-r0
  • C
Improper Input Validation

<4.9.0-r0
  • M
CVE-2017-10919

<4.9.0-r0
  • C
Out-of-Bounds

<4.9.0-r0
  • C
Out-of-Bounds

<4.9.0-r0
  • H
Resource Exhaustion

<4.9.0-r0
  • M
Improper Input Validation

<4.9.0-r0
  • H
Race Condition

<4.10.1-r1
  • H
CVE-2018-10982

<4.10.1-r1
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.10.1-r1
  • H
Incorrect Calculation

<4.9.0-r1
  • H
Buffer Overflow

<4.9.0-r1
  • H
Race Condition

<4.9.0-r1
  • M
Information Exposure

<4.9.0-r1
  • H
Access Restriction Bypass

<4.7.0-r1
  • H
Access Restriction Bypass

<4.7.0-r1
  • M
Out-of-Bounds

<4.7.0-r1
  • L
XSA-254

<4.10.0-r1
  • M
CVE-2018-12891

<4.11.0-r0
  • L
XSA-249

<4.10.0-r1
  • L
XSA-250

<4.10.0-r1
  • L
XSA-238

<4.9.0-r6
  • L
XSA-246

<4.9.1-r1
  • L
XSA-247

<4.9.1-r1
  • L
XSA-235

<4.9.0-r2
  • L
XSA-248

<4.10.0-r1
  • L
XSA-251

<4.10.0-r1
  • L
XSA-245

<4.9.0-r5
  • L
XSA-207

<4.7.1-r5
  • L
XSA-210

<4.7.1-r5