High
Third-Party Component | CVEs | More Information |
---|---|---|
glibc | CVE-2021-3999, CVE-2023-4911 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libcurl4,curl | CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-43552, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-38545, CVE-2023-46218 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libexpat1 | CVE-2022-40674, CVE-2022-43680, CVE-2023-52425, CVE-2023-52426 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libgnutls30 | CVE-2022-2509, CVE-2023-0361, CVE-2023-5981 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
krb5 | CVE-2022-42898, CVE-2023-36054 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
ncurses | CVE-2022-29458, CVE-2023-29491 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libnghttp2 | CVE-2024-27316, CVE-2023-44487 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libpcre2-8-0 | CVE-2022-1586, CVE-2022-1587 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libssl1.1 | CVE-2022-2097, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3446, CVE-2023-3817 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libtasn1-6 | CVE-2021-46848 | https://nvd.nist.gov/vuln/detail/CVE-2021-46848 |
libtiff5 | CVE-2022-1354, CVE-2022-1355, CVE-2022-1622, CVE-2022-1623, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953, CVE-2022-34526, CVE-2022-3570, CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970, CVE-2022-4645, CVE-2022-48281, CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-25434, CVE-2023-25435, CVE-2023-30086, CVE-2023-30774, CVE-2023-3576, CVE-2023-40745, CVE-2023-41175 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libudev1,libsystemd0 | CVE-2022-3821, CVE-2022-4415, CVE-2023-50387 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libwebp6 | CVE-2023-1999, CVE-2023-4863 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libx11 | CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libxml2 | CVE-2022-40303, CVE-2022-40304, CVE-2023-28484, CVE-2023-29469 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libxpm4 | CVE-2022-44617, CVE-2022-46285, CVE-2022-4883, CVE-2023-43788, CVE-2023-43789 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libxslt1.1 | CVE-2021-30560 | https://nvd.nist.gov/vuln/detail/CVE-2021-30560 |
perl-base | CVE-2023-47038 | https://nvd.nist.gov/vuln/detail/CVE-2023-47038 |
ion-java | CVE-2024-21634 | https://nvd.nist.gov/vuln/detail/CVE-2024-21634 |
tar | CVE-2022-48303 | https://nvd.nist.gov/vuln/detail/CVE-2022-48303 |
zlib1g | CVE-2022-37434 | https://nvd.nist.gov/vuln/detail/CVE-2022-37434 |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-38302 | Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data vulnerability in the DDAE (Starburst). A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure. |
6.8 | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-38302 | Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data vulnerability in the DDAE (Starburst). A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure. |
6.8 | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
DELL Data Lakehouse System Software | 1.0.0.0 | 1.1.0.0 | https://www.dell.com/support/home/product-support/product/ |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
DELL Data Lakehouse System Software | 1.0.0.0 | 1.1.0.0 | https://www.dell.com/support/home/product-support/product/ |
Revision | Date | Description |
---|---|---|
1.0 | 2024-07-18 | Initial Release |