ROOT-OS-DEBIAN-11-CVE-2022-50163 CVE-2022-50163 in rootio-linux - Patched by Root

Root has patched CVE-2022-50163 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

RHCOS 4 : OpenShift Container Platform 4.6.55 (RHSA-2022:0565)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0565 advisory. - jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF CVE-2022-20612 -...

RHCOS 4 : OpenShift Container Platform 4.7.41 (RHSA-2022:0114)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0114 advisory. - haproxy: an HTTP method name may contain a space followed by the name of a protected resource CVE-2021-39241 - haproxy: request...

RHCOS 4 : OpenShift Container Platform 4.10.6 (RHSA-2022:1025)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:1025 advisory. - workflow-cps: OS command execution through crafted SCM contents CVE-2022-25173 - workflow-cps-global-lib: OS command execution...

RHCOS 4 : OpenShift Container Platform 4.10.5 (RHSA-2022:0927)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0927 advisory. - golang: net/http: limit growth of header canonicalization cache CVE-2021-44716 - golang: syscall: don't close fd 0 on ForkExec err...

RHCOS 4 : OpenShift Container Platform 4.9.19 (RHSA-2022:0339)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0339 advisory. - jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF CVE-2022-20612 -...

RHCOS 3 : OpenShift Container Platform 3.11.715 (RHSA-2022:4999)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:4999 advisory. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for this issue but has inste...

Azure Linux 3.0 Security Update: python-waitress (CVE-2022-31015)

The version of python-waitress installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-31015 advisory. - Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and...

MiracleLinux 8 : libksba-1.3.5-8.el8 (AXSA:2022-3913:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3913:01 advisory. libksba: integer overflow may lead to remote code execution CVE-2022-3515 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 9 : webkit2gtk3-2.36.7-1.el9 (AXSA:2022-4080:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4080:03 advisory. webkitgtk: processing maliciously crafted web content may lead to arbitrary code execution CVE-2022-32893 Tenable has extracted the preceding description blo...

MiracleLinux 8 : aspell-0.60.6.1-22.el8.ML.1 (AXSA:2022-3329:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3329:02 advisory. aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : squid:4 (AXSA:2022-3562:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3562:01 advisory. squid: out-of-bounds read in WCCP protocol data may lead to information disclosure CVE-2021-28116 Tenable has extracted the preceding description block...

MiracleLinux 8 : vim-8.0.1763-16.el8.12 (AXSA:2022-3106:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3106:02 advisory. vim: Heap-based buffer overflow in blockinsert in src/ops.c CVE-2022-0261 vim: Heap-based buffer overflow in utfheadoff in mbyte.c CVE-2022-0318 vim...

MiracleLinux 8 : dotnet3.1-3.1.420-1.el8.ML.1 (AXSA:2022-3744:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3744:08 advisory. dotnet: NuGet Credential leak due to loss of control of third party symbol server domain CVE-2022-30184 Tenable has extracted the preceding description block...

MiracleLinux 8 : aide-0.16-14.el8.1 (AXSA:2022-3054:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3054:01 advisory. aide: heap-based buffer overflow on outputs larger than B64BUF CVE-2021-45417 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : grub2-2.02-0.87.11.0.1.el7.AXS7 (AXSA:2022-4404:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4404:04 advisory. grub2: Integer underflow in grubnetrecvip4packets CVE-2022-28733 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 7 : firefox-102.5.0-1.0.1.el7.AXS7 (AXSA:2022-4189:37)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4189:37 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...

MiracleLinux 8 : mailman:2.1 (AXSA:2022-2976:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2976:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 mailman: CSRF token derived from admin password allows...

MiracleLinux 7 : java-11-openjdk-11.0.15.0.9-2.el7 (AXSA:2022-3150:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3150:06 advisory. OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 OpenJDK: Unbounded memory allocation when compiling craft...

MiracleLinux 8 : gnome-shell-3.32.2-44.el8.ML.1 (AXSA:2022-3635:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3635:03 advisory. gnome-shell: Password from logged-out user may be shown on login screen CVE-2020-17489 Tenable has extracted the preceding description block directly from th...