64 matches found
USN-8089-3 adsys, juju-core, lxd vulnerabilities
USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go...
MiracleLinux 8 : container-tools:rhel8 (AXSA:2023-7318:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7318:02 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...
CVE-2023-3978 affecting package podman for versions less than 5.6.1-2
CVE-2023-3978 affecting package podman for versions less than 5.6.1-2. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Storage Fusion is affected by exposure of information through cross-site scripting or data queries (CVE-2023-45288, CVE-2023-3978)
Summary IBM Storage Fusion Data Foundation uses HTTP to communicate. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-45288, CVE-2023-3978. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: An attacker may cause an HTTP/...
CVE-2023-3978 affecting package containerized-data-importer for versions less than 1.57.0-12
CVE-2023-3978 affecting package containerized-data-importer for versions less than 1.57.0-12. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2023-3978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack...
CVE-2023-3978 affecting package kubevirt for versions less than 0.59.0-24
CVE-2023-3978 affecting package kubevirt for versions less than 0.59.0-24. A patched version of the package is available...
CVE-2023-3978 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1
CVE-2023-3978 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1. An upgraded version of the package is available that resolves this issue...
Azure Linux 3.0 Security Update: cert-manager / cni-plugins / kubevirt / multus / packer / prometheus-adapter (CVE-2023-3978)
The version of cert-manager / cni-plugins / kubevirt / multus / packer / prometheus-adapter installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3978 advisory. - Text nodes not in the HTML namespace ar...
SUSE SLES15: golang-github-lusitaniae-apache_exporter / etc (SUSE-SU-2024:4011-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4011-1 advisory. golang-github-lusitaniae-apacheexporter: - Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 Tenable...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.42 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
openSUSE Security Advisory (SUSE-SU-2024:4011-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:4019-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter was updated from version 1.0.1 to 1.0.8: - Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 bsc1213933 - Bugs fixed: Require Go 1.20 when building for RedHat derivatives...
CVE-2023-3978 affecting package multus for versions less than 4.0.2-2
CVE-2023-3978 affecting package multus for versions less than 4.0.2-2. A patched version of the package is available...
CVE-2023-3978 affecting package multus for versions less than 4.0.2-5
CVE-2023-3978 affecting package multus for versions less than 4.0.2-5. A patched version of the package is available...
CVE-2023-3978 affecting package cert-manager for versions less than 1.11.2-14
CVE-2023-3978 affecting package cert-manager for versions less than 1.11.2-14. A patched version of the package is available...
Fedora: Security Advisory (FEDORA-2023-5effef25a3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2023-684eb03db0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2023-ff1e594f3d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-3978 affecting package cert-manager for versions less than 1.12.12-1
CVE-2023-3978 affecting package cert-manager for versions less than 1.12.12-1. An upgraded version of the package is available that resolves this issue...