Homepage

conmon vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the conmon package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Information Exposure

*
  • L
Improper Verification of Cryptographic Signature

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Use of Uninitialized Variable

*
  • M
Use of Uninitialized Variable

*
  • M
Use of Uninitialized Variable

*
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.7-1.el9_2
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Use After Free

<3:2.1.7-3.1.rhaos4.14.el9
  • H
CVE-2023-2728

<3:2.1.7-3.1.rhaos4.14.el9
  • H
CVE-2023-2727

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Allocation of Resources Without Limits or Throttling

<3:2.1.7-3.1.rhaos4.14.el9
  • H
CVE-2023-39321

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Use After Free

<3:2.1.7-3.1.rhaos4.14.el9
  • H
CVE-2023-2728

<3:2.1.7-3.1.rhaos4.14.el9
  • H
CVE-2023-2727

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.4.rhaos4.14.el9
  • H
Memory Leak

<3:2.1.7-3.4.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.4.rhaos4.14.el9
  • H
Memory Leak

<3:2.1.7-3.4.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Exposure of Data Element to Wrong Session

<3:2.1.7-1.1.rhaos4.13.el9
  • H
Exposure of Data Element to Wrong Session

<3:2.1.7-1.1.rhaos4.13.el9
  • M
Resource Exhaustion

<2:2.1.2-4.rhaos4.12.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
CVE-2023-39321

<3:2.1.7-3.1.rhaos4.14.el9
  • M
CVE-2023-39321

*
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Allocation of Resources Without Limits or Throttling

<3:2.1.7-3.1.rhaos4.14.el9
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • H
Improper Handling of Unicode Encoding

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Improper Handling of Unicode Encoding

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3:2.1.7-1.1.rhaos4.13.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Resource Exhaustion

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Resource Exhaustion

<3:2.1.7-1.1.rhaos4.13.el9
  • H
Arbitrary Code Injection

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Arbitrary Code Injection

<3:2.1.7-1.1.rhaos4.13.el9
  • H
Resource Exhaustion

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Resource Exhaustion

<3:2.1.7-1.1.rhaos4.13.el9
  • M
Improper Certificate Validation

<2:2.1.2-3.rhaos4.12.el9
  • M
Incorrect Default Permissions

<2:2.1.2-3.rhaos4.12.el9
  • M
Improper Initialization

<2:2.1.2-3.rhaos4.12.el9
  • M
Server-Side Request Forgery (SSRF)

<2:2.1.2-3.rhaos4.12.el9
  • M
Directory Traversal

<2:2.1.2-3.rhaos4.12.el9
  • M
Improper Access Control

<2:2.1.2-3.rhaos4.12.el9
  • M
Resource Exhaustion

<2:2.1.2-3.rhaos4.12.el9
  • H
Resource Exhaustion

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Resource Exhaustion

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Resource Exhaustion

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Resource Exhaustion

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Path Equivalence

<3:2.1.7-2.1.rhaos4.13.el9
  • H
Path Equivalence

<3:2.1.7-2.1.rhaos4.13.el9
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.7-1.el9_2
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.7-1.el9_2
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.7-1.el9_2
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.7-1.el9_2
  • H
Allocation of Resources Without Limits or Throttling

<3:2.1.7-2.1.rhaos4.13.el9
  • M
Algorithmic Complexity

<2:2.1.2-5.rhaos4.12.el9
  • M
CVE-2022-41715

<2:2.1.2-5.rhaos4.12.el9
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.2-5.rhaos4.12.el9
  • M
HTTP Request Smuggling

<2:2.1.2-5.rhaos4.12.el9
  • M
Directory Traversal

<2:2.1.2-5.rhaos4.12.el9
  • M
Directory Traversal

<2:2.1.2-5.rhaos4.12.el9
  • M
Resource Exhaustion

<2:2.1.2-5.rhaos4.12.el9
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el9
  • M
Resource Exhaustion

<2:2.1.2-3.rhaos4.12.el9
  • M
Information Exposure

<2:2.1.2-3.rhaos4.12.el9
  • M
Information Exposure

<2:2.1.2-3.rhaos4.12.el9
  • M
Improperly Controlled Sequential Memory Allocation

<2:2.1.2-3.rhaos4.12.el9
  • M
HTTP Request Smuggling

<2:2.1.2-3.rhaos4.12.el9
  • M
HTTP Request Smuggling

<2:2.1.2-3.rhaos4.12.el9
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Information Exposure

*