Homepage

conmon vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the conmon package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Creation of Temporary File With Insecure Permissions

<3:2.1.7-5.rhaos4.13.el8
  • H
Directory Traversal

<3:2.1.7-5.rhaos4.13.el8
  • H
Directory Traversal

<3:2.1.7-5.rhaos4.13.el8
  • H
Link Following

<3:2.1.7-5.rhaos4.13.el8
  • H
Improperly Controlled Sequential Memory Allocation

<3:2.1.7-5.rhaos4.13.el8
  • H
Uncontrolled Recursion

<3:2.1.7-5.rhaos4.13.el8
  • H
Uncontrolled Recursion

<3:2.1.7-5.rhaos4.13.el8
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
CVE-2025-4673

*
  • M
Improper Input Validation

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Use of Uninitialized Variable

*
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Allocation of Resources Without Limits or Throttling

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Buffer Access with Incorrect Length Value

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Use of a Broken or Risky Cryptographic Algorithm

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Use After Free

<3:2.1.7-3.1.rhaos4.14.el8
  • H
CVE-2023-2728

<3:2.1.7-3.1.rhaos4.14.el8
  • H
CVE-2023-2727

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Memory Leak

<3:2.1.7-3.4.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.4.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • M
Resource Exhaustion

<2:2.1.2-3.rhaos4.12.el8
  • M
Resource Exhaustion

<2:2.1.2-3.rhaos4.12.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Resource Exhaustion

<3:2.1.7-3.1.rhaos4.14.el8
  • H
Improper Handling of Unicode Encoding

<3:2.1.7-2.rhaos4.13.el8
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3:2.1.7-2.rhaos4.13.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Arbitrary Code Injection

<3:2.1.7-2.rhaos4.13.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-3.rhaos4.6.el8
  • M
Improper Certificate Validation

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Certificate Validation

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Default Permissions

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Default Permissions

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Initialization

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Initialization

<2:2.1.2-2.rhaos4.11.el8
  • M
Server-Side Request Forgery (SSRF)

<2:2.1.2-2.rhaos4.11.el8
  • M
Server-Side Request Forgery (SSRF)

<2:2.1.2-2.rhaos4.11.el8
  • M
Directory Traversal

<2:2.1.2-2.rhaos4.11.el8
  • M
Directory Traversal

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Access Control

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Access Control

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-3.rhaos4.6.el8
  • H
Directory Traversal

<2:2.0.21-1.rhaos4.5.el8
  • H
Improper Input Validation

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Incorrect Authorization

<2:2.0.21-1.rhaos4.5.el8
  • H
Allocation of Resources Without Limits or Throttling

<2:2.0.21-1.rhaos4.5.el8
  • H
Improper Input Validation

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Deserialization of Untrusted Data

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Link Following

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.21-1.rhaos4.5.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.4.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.4.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.4.el8
  • H
Cross-site Scripting (XSS)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Request Forgery (CSRF)

<2:2.0.17-1.rhaos4.3.el8
  • H
Cross-site Request Forgery (CSRF)

<2:2.0.17-1.rhaos4.4.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • M
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Resource Exhaustion

<3:2.1.7-2.rhaos4.13.el8
  • H
Path Equivalence

<3:2.1.7-2.rhaos4.13.el8
  • H
Allocation of Resources Without Limits or Throttling

<3:2.1.7-2.rhaos4.13.el8
  • M
Algorithmic Complexity

<2:2.1.2-4.rhaos4.12.el8
  • M
Algorithmic Complexity

<2:2.1.2-4.rhaos4.12.el8
  • M
CVE-2022-41715

<2:2.1.2-4.rhaos4.12.el8
  • M
CVE-2022-41715

<2:2.1.2-2.rhaos4.11.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.2-2.rhaos4.11.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.1.2-4.rhaos4.12.el8
  • M
HTTP Request Smuggling

<2:2.1.2-2.rhaos4.11.el8
  • M
HTTP Request Smuggling

<2:2.1.2-4.rhaos4.12.el8
  • M
Directory Traversal

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Information Exposure

<2:2.1.2-2.rhaos4.11.el8
  • M
Improperly Controlled Sequential Memory Allocation

<2:2.1.2-2.rhaos4.11.el8
  • M
Improperly Controlled Sequential Memory Allocation

<2:2.1.2-3.rhaos4.12.el8
  • M
HTTP Request Smuggling

<2:2.1.2-2.rhaos4.11.el8
  • M
HTTP Request Smuggling

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Authorization

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Default Permissions

<2:2.1.2-2.rhaos4.11.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.7.el8
  • H
Allocation of Resources Without Limits or Throttling

<2:2.0.21-3.rhaos4.6.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.9.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.10.el8
  • M
Allocation of Resources Without Limits or Throttling

<2:2.0.29-3.rhaos4.8.el8
  • M
Integer Overflow or Wraparound

<2:2.1.2-2.rhaos4.11.el8
  • M
Buffer Overflow

<2:2.1.2-2.rhaos4.11.el8
  • M
Missing Release of Resource after Effective Lifetime

<2:2.1.2-2.rhaos4.11.el8
  • M
Use of a Broken or Risky Cryptographic Algorithm

<2:2.1.2-2.rhaos4.11.el8
  • M
Resource Exhaustion

<2:2.1.2-2.rhaos4.11.el8
  • M
Unchecked Return Value

<2:2.1.2-2.rhaos4.11.el8
  • M
Incorrect Authorization

<2:2.1.2-2.rhaos4.11.el8
  • M
Integer Overflow or Wraparound

<2:2.1.2-2.rhaos4.11.el8
  • M
Improper Input Validation

<2:2.1.2-2.rhaos4.11.el8
  • H
Insecure Temporary File

<2:2.0.21-1.rhaos4.5.el8
  • H
Insecure Temporary File

<2:2.0.21-1.rhaos4.5.el8