17 matches found
Fedora 43 : docker-buildkit (2026-36769a9e58)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-36769a9e58 advisory. - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz2458929 - Upstream new features and fixes Tenable has extracted the preceding description block...
Fedora 43 : docker-buildx (2026-6d1dd77956)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d1dd77956 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...
Fedora 42 : docker-buildx (2026-95f37c21d5)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-95f37c21d5 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...
Fedora 44 : docker-buildx (2026-7f8de90b74)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f8de90b74 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...
Fedora 42 : docker-buildkit (2026-0adc4a8098)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0adc4a8098 advisory. - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz2458929 - Upstream new features and fixes Tenable has extracted the preceding description block...
CLEANSTART-2026-YQ26872 Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2026-1229, CVE-2026-24051, CVE-2026-34986, CVE-2026-39984, ghsa-78h2-9frx-2jm8, ghsa-pmwq-pjrm-6p5r, ghsa-xm5m-wgh2-rrg3 applied in versions: 0.13.1-r0, 0.15.1-r0
Multiple security vulnerabilities affect the policy-controller-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-FA95643 Security fixes for CVE-2026-33814, CVE-2026-34986, CVE-2026-39883, CVE-2026-39984, ghsa-pmwq-pjrm-6p5r applied in versions: 0.15.1-r0
Multiple security vulnerabilities affect the policy-controller package. These issues are resolved in later releases. See references for individual vulnerability details...
Fedora 45 : docker-buildkit (2026-7ac27ae1d0)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7ac27ae1d0 advisory. Automatic update for docker-buildkit-0.30.0-1.fc45. Changelog Wed May 13 2026 Bradley G Smith - 0.30.0-1 - Update to release v0.30.0 - Resolves CVE-2026-3998...
Fedora 45 : docker-buildx (2026-3c4c98309d)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3c4c98309d advisory. Automatic update for docker-buildx-0.34.0-1.fc45. Changelog Wed May 13 2026 Bradley G Smith - 0.34.0-1 - Update to release v0.34.0 - Resolves: rhbz2467576 -...
openSUSE 16 Security Update : hauler (openSUSE-SU-2026:20711-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20711-1 advisory. Changes in hauler: - update to 1.4.3 bsc1262353, CVE-2026-39984, bsc1262942, CVE-2026-34986: 1.4 Bump go.opentelemetry.io/otel/sdk from 1.40.0 t...
openSUSE 16 Security Update : trivy (openSUSE-SU-2026:20702-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20702-1 advisory. Changes in trivy: - Update to version 0.70.0 bsc1260193, CVE-2026-33186, bsc1260971, CVE-2026-33747, bsc1261052, CVE-2026-33748, bsc1262389,...
OPENSUSE-SU-2026:20711-1 Security update for hauler
This update for hauler fixes the following issues: Changes in hauler: - update to 1.4.3 bsc1262353, CVE-2026-39984, bsc1262942, CVE-2026-34986: 1.4 Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 in the gomodules group across 1 directory 1.4 Bump github.com/sigstore/timestamp-authority/v2...
Linux Distros Unpatched Vulnerability : CVE-2026-39984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the...
CVE-2026-39984
creationtimestamp| type| source ---|---|--- 2026-04-15 04:24:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjj2gkkbn72w...
UBUNTU-CVE-2026-39984
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...
CVE-2026-39984
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...
CVE-2026-39984
CVE-2026-39984 – Sigstore Timestamp Authority (tsa/timestamp-authority/v2/pkg/verification) : Versions 2.0.5 and earlier contain an authorization bypass in VerifyTimestampResponse. The code validates the certificate chain correctly but applies TSA-specific constraints using the first non-CA certi...