VMware Workstation, VMware Fusion Security Vulnerabilities

RHEL 6 / 7 : rh-python36-python (RHSA-2019:3725)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3725 advisory. python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) python: DOS via regular...

RHEL 7 : qpid-proton (RHSA-2019:1399)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1399 advisory. qpid-proton: TLS Man in the Middle Vulnerability (CVE-2019-0223) Note that Nessus has not tested for this issue but has instead relied only on the...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2019:1150)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1150 advisory. rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320) rubygems: Escape sequence injection vulnerability in...

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2019:1151)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1151 advisory. rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324) Note that Nessus has not tested for this issue but has...

RHEL 7 : redis (RHSA-2019:2630)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2630 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

RHEL 6 / 7 : rh-mariadb102-mariadb and rh-mariadb102-galera (RHSA-2019:1258)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1258 advisory. mysql: Server: Replication unspecified vulnerability (CPU Oct 2017) (CVE-2017-10268) mysql: Server: Optimizer unspecified...

RHEL 6 / 7 : python27-python and python27-python-jinja2 (RHSA-2019:1260)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1260 advisory. python-jinja2: Sandbox escape due to information disclosure via str.format (CVE-2016-10745) python: DOS via regular expression...

RHEL 6 / 7 : rh-python36-python (RHSA-2019:0765)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0765 advisory. python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) Note that Nessus has not tested for this issue but...

RHEL 7 : openstack-tripleo-common (RHSA-2019:1683)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1683 advisory. openstack-tripleo-common contains the python library for code common to the Red Hat OpenStack Platform director CLI and GUI (codename tripleo). ...

RHEL 7 : rh-nginx112-nginx (RHSA-2019:2746)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2746 advisory. HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) HTTP/2: flood using PRIORITY frames results in excessive...

RHEL 7 / 8 : Synopsis: Red Hat OpenStack Platform (openstack-cinder) (RHSA-2023:1279)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1279 advisory. Cinder is the replacement of nova-volume in Folsom and beyond, used for block storage. Security Fix(es): * Arbitrary file access through...

RHEL 7 : xorg-x11-server (RHSA-2024:0009)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0009 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical...

RHEL 8 : Satellite 6.13.3 Async Security Update (Important) (RHSA-2023:4466)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4466 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...

RHEL 7 : rh-maven35-jackson-databind (RHSA-2019:0782)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0782 advisory. jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307) ...

RHEL 8 : Red Hat Satellite 6 (RHSA-2024:1061)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1061 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...

RHEL 7 : openstack-neutron (RHSA-2019:0879)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0879 advisory. OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines....

RHEL 6 / 7 : rh-python36-python-jinja2 (RHSA-2019:1329)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1329 advisory. python-jinja2: str.format_map allows sandbox escape (CVE-2019-10906) Note that Nessus has not tested for this issue but has instead relied only...

RHEL 6 / 7 : rh-python35-python (RHSA-2019:0902)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0902 advisory. python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) Note that Nessus has not tested for this issue but...

RHEL 7 : Red Hat Enterprise Linux OpenStack Platform (RHSA-2019:0916)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0916 advisory. OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main...

RHEL 7 : python-novajoin (RHSA-2019:1728)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1728 advisory. This Python package provides a dynamic vendordata plugin for the OpenStack nova metadata service to manage host instantiation in an IPA server. ...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1667)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1667 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : openstack-tripleo-common (RHSA-2019:1742)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1742 advisory. openstack-tripleo-common contains the python library for code common to the Red Hat OpenStack Platform director CLI and GUI (codename tripleo). ...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1201)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1201 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : gstreamer1-plugins-bad-free (RHSA-2024:0013)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0013 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains...

RHEL 8 : Satellite 6.12.1 Async Security Update (Critical) (RHSA-2023:0261)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0261 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...

RHEL 8 : Satellite 6.12.3 Async Security Update (Important) (RHSA-2023:1630)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1630 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

RHEL 7 : Red Hat OpenStack Platform 13.0 (RHSA-2023:3161)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3161 advisory. Security Fix(es): * EMBARGOED CVE-2023-2088 openstack-cinder: silently access other user's volumes (CVE-2023-2088) For more details about the...

RHEL 7 : java-1.8.0-ibm (RHSA-2024:0879)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0879 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE...

RHEL 7 : java-11-openjdk (RHSA-2024:1821)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1821 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security...

RHEL 7 / 8 : Satellite 6.11.5 Async Security Update (Critical) (RHSA-2023:1151)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1151 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...

RHEL 8 : Satellite 6.13 Release (Important) (RHSA-2023:2097)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2097 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and ...

RHEL 7 : thunderbird (RHSA-2024:0027)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0027 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fix(es): *...

RHEL 8 : Satellite 6.13.5 Async Security Update (Important) (RHSA-2023:5931)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5931 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...

RHEL 7 : rh-haproxy18-haproxy (RHSA-2019:1436)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1436 advisory. haproxy: Information disclosure in check_request_for_cacheability function in proto_http.c (CVE-2018-11469) haproxy: Out-of-bounds...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2507)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2507 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : openstack-nova (RHSA-2019:2652)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2652 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : rh-maven35-jackson-databind (RHSA-2019:4192)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:4192 advisory. jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531) Note that Nessus has not tested for this issue but has...

RHEL 7 : docker (RHSA-2024:1270)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1270 advisory. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs...

RHEL 7 : firefox (RHSA-2024:1486)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1486 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

RHEL 7 : rh-php71-php (RHSA-2019:2519)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2519 advisory. gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166) php: Out of bounds access in php_pcre.c:php_pcre_replace_impl()...

RHEL 6 / 7 / 8 : Red Hat AMQ Interconnect 1.9.0 (RHSA-2020:4211)

The remote Redhat Enterprise Linux 6 / 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4211 advisory. jquery: Cross-site scripting (XSS) via HTML tags containing whitespaces (CVE-2020-7656) jquery: Cross-site scripting due to...

RHEL 7 / 8 : Satellite 6.11.5.6 async (RHSA-2023:5980)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5980 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...

RHEL 7 : linux-firmware (RHSA-2024:0753)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0753 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): *...

RHEL 6 / 7 : rh-php70-php (RHSA-2019:3724)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3724 advisory. php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) Note that Nessus has not tested for this issue but has instead relied only on the...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:3787)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3787 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : redis (RHSA-2019:2621)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2621 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

RHEL 6 / 7 : httpd24-httpd (RHSA-2019:4126)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:4126 advisory. httpd: mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) httpd: mod_session_cookie does not respect expiry time...

RHEL 7 : openstack-octavia (RHSA-2019:0593)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0593 advisory. The OpenStack Load Balancing service (openstack-octavia) provides a Load Balancing-as-a-Service (LBaaS) version 2 implementation for Red Hat...

RHEL 7 / 8 : Red Hat OpenStack Platform (openstack-nova) (RHSA-2023:1278)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1278 advisory. OpenStack Compute (codename Nova) is open source software designed to provision and manage large networks of virtual machines, creating a ...

RHEL 8 : Satellite 6.14.1 Async Security Update (Moderate) (RHSA-2023:7851)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7851 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...