Homepage

conmon vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the conmon package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Information Exposure

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Use of Uninitialized Variable

*
  • M
Use of Uninitialized Variable

*
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Allocation of Resources Without Limits or Throttling

<3:2.1.7-3.1.rhaos4.14.el8
  • H
CVE-2023-39321

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Use of a Broken or Risky Cryptographic Algorithm

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Use After Free

<3:2.1.7-3.1.rhaos4.14.el8
  • H
CVE-2023-2728

<3:2.1.7-3.1.rhaos4.14.el8
  • H
CVE-2023-2727

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Memory Leak

<3:2.1.7-3.4.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.4.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • M
Resource Exhaustion

<2:2.1.2-3.rhaos4.12.el8
  • M
Resource Exhaustion

<2:2.1.2-3.rhaos4.12.el8
  • H
Improper Handling of Unicode Encoding

<3:2.1.7-2.rhaos4.13.el8
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3:2.1.7-2.rhaos4.13.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Arbitrary Code Injection

<3:2.1.7-2.rhaos4.13.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-3.rhaos4.6.el8
  • M
Improper Certificate Validation

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Certificate Validation

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Default Permissions

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Default Permissions

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Initialization

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Initialization

<2:2.1.2-2.rhaos4.11.el8
  • M
Server-Side Request Forgery (SSRF)

<2:2.1.2-2.rhaos4.11.el8
  • M
Server-Side Request Forgery (SSRF)

<2:2.1.2-2.rhaos4.11.el8
  • M
Directory Traversal

<2:2.1.2-2.rhaos4.11.el8
  • M
Directory Traversal

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Access Control

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Access Control

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-3.rhaos4.6.el8
  • H
Directory Traversal

<2:2.0.21-1.rhaos4.5.el8
  • H
Improper Input Validation

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Incorrect Authorization

<2:2.0.21-1.rhaos4.5.el8
  • H
Allocation of Resources Without Limits or Throttling

<2:2.0.21-1.rhaos4.5.el8
  • H
Improper Input Validation

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Deserialization of Untrusted Data

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Link Following

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.4.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.4.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.4.el8
  • H
Cross-site Request Forgery (CSRF)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Request Forgery (CSRF)

<2:2.0.17-1.rhaos4.4.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • M
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Path Equivalence

<3:2.1.7-2.rhaos4.13.el8
  • H
Allocation of Resources Without Limits or Throttling

<3:2.1.7-2.rhaos4.13.el8
  • M
Allocation of Resources Without Limits or Throttling

<3:2.1.7-2.rhaos4.13.el8
  • M
Algorithmic Complexity

<2:2.1.2-4.rhaos4.12.el8
  • M
Algorithmic Complexity

<2:2.1.2-4.rhaos4.12.el8
  • M
CVE-2022-41715

<2:2.1.2-4.rhaos4.12.el8
  • M
CVE-2022-41715

<2:2.1.2-4.rhaos4.12.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.2-4.rhaos4.12.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.2-4.rhaos4.12.el8
  • M
HTTP Request Smuggling

<2:2.1.2-4.rhaos4.12.el8
  • M
HTTP Request Smuggling

<2:2.1.2-4.rhaos4.12.el8
  • M
Directory Traversal

<2:2.1.2-4.rhaos4.12.el8
  • M
Resource Exhaustion

<2:2.1.2-4.rhaos4.12.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Information Exposure

<2:2.1.2-2.rhaos4.11.el8
  • M
Improperly Controlled Sequential Memory Allocation

<2:2.1.2-2.rhaos4.11.el8
  • M
Improperly Controlled Sequential Memory Allocation

<2:2.1.2-3.rhaos4.12.el8
  • M
HTTP Request Smuggling

<2:2.1.2-2.rhaos4.11.el8
  • M
HTTP Request Smuggling

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Authorization

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Default Permissions

<2:2.1.2-2.rhaos4.11.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.8.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.9.el8
  • H
Allocation of Resources Without Limits or Throttling

<2:2.0.21-3.rhaos4.6.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.7.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.10.el8
  • M
Integer Overflow or Wraparound

<2:2.1.2-2.rhaos4.11.el8
  • M
Buffer Overflow

<2:2.1.2-2.rhaos4.11.el8
  • M
Missing Release of Resource after Effective Lifetime

<2:2.1.2-2.rhaos4.11.el8
  • M
Use of a Broken or Risky Cryptographic Algorithm

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Unchecked Return Value

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Authorization

<2:2.1.2-2.rhaos4.11.el8
  • M
Integer Overflow or Wraparound

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Input Validation

<2:2.1.2-2.rhaos4.11.el8
  • H
Insecure Temporary File

<2:2.0.21-1.rhaos4.5.el8
  • H
Insecure Temporary File

<2:2.0.21-1.rhaos4.5.el8