Scalance Xm-400, Xr-500 Security Vulnerabilities

nessus

RHEL 9 : kernel (RHSA-2024:2394)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2394 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: GSM multiplexing race...

9.8CVSS

9.3AI Score

0.003EPSS

2024-04-30 12:00 AM
23
nessus

RHEL 9 : buildah (RHSA-2024:2245)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2245 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

7.5CVSS

7.7AI Score

0.001EPSS

2024-04-30 12:00 AM
7
nessus

RHEL 8 : unbound (RHSA-2024:2587)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2587 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * bind9: KeyTrap - Extreme...

8CVSS

8.1AI Score

0.05EPSS

2024-04-30 12:00 AM
4
nessus

RHEL 9 : golang (RHSA-2024:2562)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2562 advisory. The golang packages provide the Go programming language compiler. Security Fix(es): * golang-fips/openssl: Memory leaks in code encrypting...

7.5CVSS

7.8AI Score

0.0005EPSS

2024-04-30 12:00 AM
5
nessus

RHEL 8 : libreswan (RHSA-2024:2081)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2081 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...

6.4AI Score

0.0004EPSS

2024-04-30 12:00 AM
5
nessus

RHEL 9 : edk2 (RHSA-2024:2264)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2264 advisory. EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI...

8.8CVSS

7.8AI Score

0.006EPSS

2024-04-30 12:00 AM
5
nessus

RHEL 9 : openssl and openssl-fips-provider (RHSA-2024:2447)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2447 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a...

6.5CVSS

6.9AI Score

0.004EPSS

2024-04-30 12:00 AM
22
nessus

RHEL 9 : webkit2gtk3 (RHSA-2024:2126)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2126 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: Processing web...

9.8CVSS

9.1AI Score

0.017EPSS

2024-04-30 12:00 AM
11
openvas

Express NODE_ENV 'development' Information Disclosure Vulnerability (HTTP) - Active Check

Express is prone to an information disclosure vulnerability if the NODE_ENV environment variable is set...

6.8AI Score

2024-04-30 12:00 AM
46
nessus

RHEL 9 : podman (RHSA-2024:2193)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2193 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use...

7.5CVSS

7.6AI Score

0.001EPSS

2024-04-30 12:00 AM
12
nessus

RHEL 9 : mod_http2 (RHSA-2024:2564)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2564 advisory. The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * mod_http2:...

7.5CVSS

6.5AI Score

0.005EPSS

2024-04-30 12:00 AM
3
nessus

RHEL 9 : mingw-glib2 (RHSA-2024:2528)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2528 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used...

7.5CVSS

6.5AI Score

0.001EPSS

2024-04-30 12:00 AM
6
nessus

RHEL 9 : libreswan (RHSA-2024:2565)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2565 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...

6.4AI Score

0.0004EPSS

2024-04-30 12:00 AM
4
nessus

RHEL 8 : libreswan (RHSA-2024:2082)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2082 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...

6.4AI Score

0.0004EPSS

2024-04-30 12:00 AM
4
nessus

RHEL 8 : expat (RHSA-2024:2575)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2575 advisory. Expat is a C library for parsing XML documents. Security Fix(es): * expat: parsing large tokens can trigger a denial of service (CVE-2023-52425) ...

7.5CVSS

6.6AI Score

0.001EPSS

2024-04-30 12:00 AM
3
nessus

RHEL 9 : frr (RHSA-2024:2156)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2156 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP,...

9.1CVSS

7.7AI Score

0.005EPSS

2024-04-30 12:00 AM
3
nessus

RHEL 7 : rhc-worker-script (RHSA-2024:2625)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2625 advisory. The rhc-worker-script packages provide Remote Host Configuration (rhc) worker for executing an interpreted programming language script on hosts...

6.5AI Score

0.0004EPSS

2024-04-30 12:00 AM
2
nessus

RHEL 9 : toolbox (RHSA-2024:2160)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2160 advisory. Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of...

6.1CVSS

7.9AI Score

0.001EPSS

2024-04-30 12:00 AM
9
nessus

RHEL 7 : rh-mysql80-mysql (RHSA-2024:2619)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2619 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

7.5CVSS

6.8AI Score

0.002EPSS

2024-04-30 12:00 AM
4
nessus

RHEL 9 : containernetworking-plugins (RHSA-2024:2272)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2272 advisory. The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network...

7.5CVSS

6.9AI Score

0.001EPSS

2024-04-30 12:00 AM
6
nessus

RHEL 9 : mod_http2 (RHSA-2024:2368)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2368 advisory. The mod_http2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): ...

7.5CVSS

9.7AI Score

0.732EPSS

2024-04-30 12:00 AM
8
thn

Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for...

7.5AI Score

2024-04-29 10:54 AM
3
github

CodeQL zero to hero part 3: Security research with CodeQL

I've written a bit in the past about static analysis (CodeQL zero to hero part 1: Fundamentals of static analysis) and basics of writing CodeQL queries (CodeQL zero to hero part 2: Getting started with CodeQL). Today, I want to dig deeper about CodeQL and talk about variant analysis, writing a...

8.3AI Score

2024-04-29 08:00 AM
14
nessus

AlmaLinux 9 : libreswan (ALSA-2024:2033)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:2033 advisory. The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use...

6.5AI Score

0.0004EPSS

2024-04-29 12:00 AM
4
nessus

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:1962)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1962 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK...

6.1AI Score

0.0004EPSS

2024-04-29 12:00 AM
6
nessus

RHEL 8 : Satellite 6.14 (RHSA-2023:6818)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6818 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and ...

9.8CVSS

9.9AI Score

EPSS

2024-04-29 12:00 AM
8
nessus

AlmaLinux 9 : golang (ALSA-2024:1963)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1963 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK...

6.1AI Score

0.0004EPSS

2024-04-29 12:00 AM
3
nessus

RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0778 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by...

9.8CVSS

10AI Score

0.972EPSS

2024-04-29 12:00 AM
7
nessus

RHEL 9 : git-lfs (RHSA-2024:2079)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2079 advisory. Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...

6.8AI Score

0.0004EPSS

2024-04-29 12:00 AM
4
nessus

AlmaLinux 8 : libreswan (ALSA-2024:1998)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1998 advisory. The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use...

6.5AI Score

0.0004EPSS

2024-04-29 12:00 AM
5
nessus

RHEL 6 / 7 : rh-python36-python (RHSA-2019:3725)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3725 advisory. python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) python: DOS via regular...

9.1CVSS

7.8AI Score

0.018EPSS

2024-04-28 12:00 AM
5
nessus

RHEL 6 / 7 / 8 / 9 : Red Hat Satellite Client (RHSA-2023:5982)

The remote Redhat Enterprise Linux 6 / 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5982 advisory. Security Fix(es): * golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) ...

9.8CVSS

9.2AI Score

0.732EPSS

2024-04-28 12:00 AM
4
nessus

RHEL 8 : Red Hat Product OCP Tools 4.13 OpenShift Jenkins (RHSA-2023:6179)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6179 advisory. snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857) maven-shared-utils: Command...

9.8CVSS

7.6AI Score

0.972EPSS

2024-04-28 12:00 AM
3
nessus

RHEL 8 / 9 : OpenShift Container Platform 4.13.4 (RHSA-2023:3612)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3612 advisory. golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) net/http, golang.org/x/net/http2:...

9.8CVSS

8.1AI Score

0.024EPSS

2024-04-28 12:00 AM
2
nessus

RHEL 8 : openshift-gitops-kam (RHSA-2023:5407)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5407 advisory. goproxy: Denial of service (DoS) via unspecified vectors. (CVE-2023-37788) Note that Nessus has not tested for this issue but has instead relied...

7.5CVSS

6.6AI Score

0.001EPSS

2024-04-28 12:00 AM
7
nessus

RHEL 7 / 8 : OpenShift Virtualization 2.6.10 RPMs (RHSA-2022:1402)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1402 advisory. golang: net: lookup functions may return invalid host names (CVE-2021-33195) golang: net/http/httputil: ReverseProxy forwards...

7.5CVSS

7.1AI Score

0.007EPSS

2024-04-28 12:00 AM
6
nessus

RHEL 9 : kernel (RHSA-2023:6583)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6583 advisory. Kernel: race when faulting a device private page in memory manager (CVE-2022-3523) kernel: use-after-free in l1oip timer handlers...

8.2CVSS

8.4AI Score

EPSS

2024-04-28 12:00 AM
7
nessus

RHEL 8 : OpenShift Serverless Client kn 1.29.0 (Moderate) (RHSA-2023:3450)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3450 advisory. net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723) golang: crypto/tls: large handshake...

9.8CVSS

8.1AI Score

0.024EPSS

2024-04-28 12:00 AM
5
nessus

RHEL 7 : rh-nodejs8-nodejs (RHSA-2019:2955)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2955 advisory. HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) HTTP/2: flood using PING frames results in unbounded...

7.5CVSS

7.2AI Score

0.821EPSS

2024-04-28 12:00 AM
6
nessus

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0776 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by...

9.8CVSS

10AI Score

0.972EPSS

2024-04-28 12:00 AM
8
nessus

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5701)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5701 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

7.5CVSS

7.8AI Score

0.001EPSS

2024-04-28 12:00 AM
1
nessus

RHEL 8 / 9 : Red Hat Service Interconnect 1.4 Release (RHSA-2023:4003)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4003 advisory. golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879) golang: net/http/httputil: ReverseProxy should...

9.8CVSS

8.5AI Score

0.024EPSS

2024-04-28 12:00 AM
2
nessus

RHEL 8 : Red Hat OpenStack Platform 16.2 (openstack-neutron) (RHSA-2023:4283)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4283 advisory. OpenStack Networking (neutron) is a virtual network service for OpenStack. Just as OpenStack Compute (nova) provides an API to dynamically request...

6.5CVSS

5.9AI Score

0.001EPSS

2024-04-28 12:00 AM
4
nessus

RHEL 8 : openshift-gitops-kam (RHSA-2023:6243)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6243 advisory. golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) Note that Nessus has not tested...

7.5CVSS

7.3AI Score

0.732EPSS

2024-04-28 12:00 AM
6
nessus

RHEL 7 / 8 / 9 : OpenShift Virtualization 4.13.6 RPMs (RHSA-2023:7521)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7521 advisory. golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) HTTP/2:...

7.5CVSS

7.6AI Score

0.732EPSS

2024-04-28 12:00 AM
3
nessus

RHEL 7 / 8 : Red Hat Ansible Automation Platform 1.2.2 (RHSA-2021:0781)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0781 advisory. Red Hat Ansible Automation Platform integrates Red Hat's automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible...

7.5CVSS

8.2AI Score

0.01EPSS

2024-04-28 12:00 AM
6
nessus

RHEL 8 : bind and dhcp (RHSA-2024:1782)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1782 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....

7.5CVSS

8.1AI Score

0.05EPSS

2024-04-28 12:00 AM
15
nessus

RHEL 8 : openshift-pipelines-client (RHSA-2023:6781)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6781 advisory. golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) HTTP/2: Multiple HTTP/2...

7.5CVSS

7.6AI Score

0.732EPSS

2024-04-28 12:00 AM
3
nessus

RHEL 7 / 8 : OpenShift Virtualization 4.12.0 RPMs (RHSA-2023:0407)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0407 advisory. golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561) golang: net/http: limit growth of header...

7.5CVSS

7.5AI Score

0.003EPSS

2024-04-28 12:00 AM
5
nessus

RHEL 7 : rh-nginx112-nginx (RHSA-2019:2746)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2746 advisory. HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) HTTP/2: flood using PRIORITY frames results in excessive...

7.5CVSS

7.2AI Score

0.097EPSS

2024-04-28 12:00 AM
1
Total number of security vulnerabilities: 29451