Nova 2 Plus,Nova 2 Security Vulnerabilities

Tuesday, July 2, 2024 Security Releases

Summary The Node.js project will release new versions of the 22.x, 20.x, 18.x releases lines on or shortly after, Tuesday, July 2, 2024 in order to address: 1 high severity issues. 2 medium severity issues. 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...

CVE-2024-29039

tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

CVE-2021-3634 affecting package libssh 0.9.5-2

CVE-2021-3634 affecting package libssh 0.9.5-2. This CVE either no longer is or was never...

CVE-2002-0318 affecting package freeradius 3.2.3-2

CVE-2002-0318 affecting package freeradius 3.2.3-2. No patch is available...

CVE-2011-4966 affecting package freeradius 3.2.3-2

CVE-2011-4966 affecting package freeradius 3.2.3-2. No patch is available...

CVE-2017-18640 affecting package snakeyaml 1.25-2

CVE-2017-18640 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2. A patched version of the package is...

CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2

CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2. A patched version of the package is...

CVE-2022-31321 affecting package bolt 0.9.2-2

CVE-2022-31321 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2023-0475 affecting package k3s 1.24.12-2

CVE-2023-0475 affecting package k3s 1.24.12-2. This CVE either no longer is or was never...

CVE-2022-47021 affecting package opusfile 0.12-2

CVE-2022-47021 affecting package opusfile 0.12-2. No patch is available...

CVE-2022-38752 affecting package snakeyaml 1.25-2

CVE-2022-38752 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2022-36069 affecting package poetry 1.0.10-2

CVE-2022-36069 affecting package poetry 1.0.10-2. No patch is available...

CVE-2022-25857 affecting package snakeyaml 1.25-2

CVE-2022-25857 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2023-0464 affecting package kata-containers-cc for versions less than 0.4.1-2

CVE-2023-0464 affecting package kata-containers-cc for versions less than 0.4.1-2. This CVE either no longer is or was never...

CVE-2020-4041 affecting package bolt 0.9.2-2

CVE-2020-4041 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2019-15484 affecting package bolt 0.9.2-2

CVE-2019-15484 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2021-27367 affecting package bolt 0.9.2-2

CVE-2021-27367 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2022-3294 affecting package k3s 1.24.12-2

CVE-2022-3294 affecting package k3s 1.24.12-2. This CVE either no longer is or was never...

CVE-2019-9185 affecting package bolt 0.9.2-2

CVE-2019-9185 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2015-7309 affecting package bolt 0.9.2-2

CVE-2015-7309 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2020-4040 affecting package bolt 0.9.2-2

CVE-2020-4040 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2

CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2. This CVE either no longer is or was never...

CVE-2022-41854 affecting package snakeyaml 1.25-2

CVE-2022-41854 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2024-0727 affecting package nodejs for versions less than 16.20.2-2

CVE-2024-0727 affecting package nodejs for versions less than 16.20.2-2. This CVE either no longer is or was never...

CVE-2019-15483 affecting package bolt 0.9.2-2

CVE-2019-15483 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2023-44487 affecting package moby-containerd for versions less than 1.6.22-2

CVE-2023-44487 affecting package moby-containerd for versions less than 1.6.22-2. A patched version of the package is...

CVE-2023-44487 affecting package libcontainers-common for versions less than 20210626-2

CVE-2023-44487 affecting package libcontainers-common for versions less than 20210626-2. A patched version of the package is...

CVE-2023-0465 affecting package kata-containers-cc for versions less than 0.4.1-2

CVE-2023-0465 affecting package kata-containers-cc for versions less than 0.4.1-2. This CVE either no longer is or was never...

CVE-2017-16754 affecting package bolt 0.9.2-2

CVE-2017-16754 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2023-25173 affecting package k3s 1.24.12-2

CVE-2023-25173 affecting package k3s 1.24.12-2. This CVE either no longer is or was never...

CVE-2022-43410 affecting package mercurial 6.0.3-2

CVE-2022-43410 affecting package mercurial 6.0.3-2. No patch is available...

CVE-2020-28925 affecting package bolt 0.9.2-2

CVE-2020-28925 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2022-1941 affecting package protobuf 3.17.3-2

CVE-2022-1941 affecting package protobuf 3.17.3-2. No patch is available...

CVE-2022-38750 affecting package snakeyaml 1.25-2

CVE-2022-38750 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2022-38749 affecting package snakeyaml 1.25-2

CVE-2022-38749 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2023-48795 affecting package nmap for versions less than 7.93-2

CVE-2023-48795 affecting package nmap for versions less than 7.93-2. A patched version of the package is...

CVE-2023-2650 affecting package kata-containers-cc for versions less than 0.4.1-2

CVE-2023-2650 affecting package kata-containers-cc for versions less than 0.4.1-2. This CVE either no longer is or was never...

CVE-2019-15485 affecting package bolt 0.9.2-2

CVE-2019-15485 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2022-38751 affecting package snakeyaml 1.25-2

CVE-2022-38751 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2

CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2. A patched version of the package is...

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...

CVE-2021-34141 affecting package numpy 1.16.6-2

CVE-2021-34141 affecting package numpy 1.16.6-2. This CVE either no longer is or was never...

CVE-2020-29509 affecting package golang 1.17.13-2

CVE-2020-29509 affecting package golang 1.17.13-2. No patch is available...

CVE-2020-29511 affecting package golang 1.17.13-2

CVE-2020-29511 affecting package golang 1.17.13-2. No patch is available...

CVE-2021-41495 affecting package numpy 1.16.6-2

CVE-2021-41495 affecting package numpy 1.16.6-2. No patch is available...

CVE-2020-8563 affecting package kubernetes-1.18.19 1.18.19-2

CVE-2020-8563 affecting package kubernetes-1.18.19 1.18.19-2. No patch is available...

CVE-2018-20225 affecting package python-pip 19.2-2

CVE-2018-20225 affecting package python-pip 19.2-2. No patch is available...

CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2

CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2. This CVE either no longer is or was never...

CVE-2023-0215 affecting package cloud-hypervisor 22.0-2

CVE-2023-0215 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...