407 matches found
Siemens SENTRON 7KT PAC1261 HTTP Request/Response Smuggling (CVE-2025-22871)
The Go net/http package incorrectly treats a bare line feed LF as a valid line terminator in chunked transfer data. This flaw can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as a line terminator. This plugin only works with...
RockyLinux 8 : osbuild-composer (RLSA-2025:9844)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9844 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fr...
osbuild-composer security update
An update is available for osbuild-composer. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images an...
RHCOS 4 : OpenShift Container Platform 4.16.45 (RHSA-2025:11682)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:11682 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...
RHCOS 4 : OpenShift Container Platform 4.12.78 (RHSA-2025:10271)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10271 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...
RHCOS 4 : OpenShift Container Platform 4.18.21 (RHSA-2025:11678)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11678 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...
RHCOS 4 : OpenShift Container Platform 4.15.55 (RHSA-2025:11352)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:11352 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...
RHCOS 4 : OpenShift Container Platform 4.18.20 (RHSA-2025:10768)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10768 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...
RHCOS 4 : OpenShift Container Platform 4.19.11 (RHSA-2025:15291)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15291 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...
RHCOS 4 : OpenShift Container Platform 4.19.1 (RHSA-2025:9279)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9279 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...
Oracle Linux 8 : container-tools:rhel8 (ELSA-2026-4672)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4672 advisory. - rebuild for CVE-2025-68121 - rebuild for CVE-2025-61729 - fixes 'CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH...
Oracle Linux 8 : container-tools:ol8 (ELSA-2026-3428)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3428 advisory. - rebuild for CVE-2025-61729 - rebuild for CVE-2025-22871 - rebuild for CVE-2025-61729 - rebuild for CVE-2025-61729 Tenable has extracted the preceding...
Photon OS 4.0: Go PHSA-2026-4.0-0968
An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0968. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid300118...
containernetworking-plugins security update
1:1.7.1-3 - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146859 1:1.7.1-2 - rebuild for CVE-2025-22871 - Resolves: RHEL-90030...
Oracle Linux 8 : container-tools:ol8 (ELSA-2026-0753)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0753 advisory. - fixes 'CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS rhel-8.10.z' - rebuild...
CVE-2026-22871
creationtimestamp| type| source ---|---|--- 2026-01-13 22:26:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcdly4rcs22e 2026-01-24 21:25:29+00:00| seen| https://gist.github.com/alon710/6ed28dba41b78b35d740216de4fe6276 2026-01-24 22:40:55+00:00| seen|...
MiracleLinux 9 : buildah-1.39.4-2.el9_6 (AXSA:2025-10547:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10547:03 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...
MiracleLinux 8 : grafana-pcp-5.1.1-10.el8_10 (AXSA:2025-10022:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10022:01 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...
MiracleLinux 8 : grafana-9.2.10-25.el8_10 (AXSA:2025-10021:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10021:06 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...
MiracleLinux 9 : podman-5.4.0-10.el9_6 (AXSA:2025-10671:08)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10671:08 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...