93 matches found
MiracleLinux 8 : osbuild-composer-100-1.el8.ML.1, osbuild-110-1.el8.ML.1 (AXSA:2024-8384:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8384:02 advisory. osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 Tenable has extracted the preceding description block...
EUVD-2026-2307
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...
CVE-2025-2307
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Aidango allows Cross-Site Scripting XSS. This issue affects Aidango: before 2.144.4...
EUVD-2015-6784
Malware in sbrugna...
SUSE: Security Advisory (SUSE-SU-2024:2307-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-2307
A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted,...
CVE-2012-2307
Cross-site request forgery CSRF vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
openSUSE Security Advisory (SUSE-SU-2024:2307-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RLSA-2024:2961 Moderate: Image builder components bug fix, enhancement and security update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 For more details about the security issues,...
RHEL 8 : Image builder components (RHSA-2024:2961)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2961 advisory. Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security...
Moderate: Red Hat Security Advisory: Image builder components bug fix, enhancement and security update
An update for osbuild and osbuild-composer is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CentOS 8 : Image builder components bug fix, enhancement and (CESA-2024:2961)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:2961 advisory. - A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase t...
Moderate: Red Hat Security Advisory: Image builder components bug fix, enhancement and security update
An update for osbuild and osbuild-composer is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
osbuild-composer < 94 Race Condition
The version of osbuild-composer installed on the remote host is prior to 94. It may, therefore, be affected by a race condition. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted...
CVE-2024-2307
creationtimestamp| type| source ---|---|--- 2024-03-19 17:21:27+00:00| seen| https://t.me/ctinow/211724 2024-03-19 18:27:06+00:00| seen| https://t.me/ctinow/211814 2024-04-09 18:56:17+00:00| seen| https://t.me/arpsyndicate/4398...
CVE-2024-2307 Osbuild-composer: race condition may disable gpg verification for package repositories
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built...
CVE-2024-2307 Osbuild-composer: race condition may disable gpg verification for package repositories
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built...
Malicious code in wlwz-2312-2307 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4270bc1866347b6031831eef6828380c8c754b499922bf5de644633c78ea197 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Amazon Linux 2 : libsepol (ALAS-2023-2307)
The version of libsepol installed on the remote host is prior to 2.5-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2307 advisory. The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and...
CVE-2023-2307
creationtimestamp| type| source ---|---|--- 2023-04-26 20:25:54+00:00| seen| https://t.me/cibsecurity/62911...