Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

ALSA-2024:9317 Low: NetworkManager security update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

ALSA-2024:9423 Moderate: python-dns security update

The python-dns package contains the dnslib module that implements a DNS client and additional modules that define certain symbolic constants used by DNS, such as dnstype, dnsclass and dnsopcode. Security Fixes: dnspython: denial of service in stub resolver CVE-2023-29483 For more details about th...

AlmaLinux 9 : podman (ALSA-2024:9051)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:9051 advisory. Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction CVE-2024-9407 buildah: Buildah allows arbitrar...

AlmaLinux 9 : edk2 (ALSA-2024:8935)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8935 advisory. openssl: Possible denial of service in X.509 name checks CVE-2024-6119 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : xorg-x11-server and xorg-x11-server-Xwayland (ALSA-2024:8798)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8798 advisory. xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 Tenable has extracted the preceding description block direct...

AlmaLinux 8 : haproxy (ALSA-2024:8849)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8849 advisory. haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 Tenable has extracted the preceding description block...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:8846)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8846 advisory. Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library CVE-2024-9341 Buildah: Podman: Improper Input Validati...

AlmaLinux 8 : kernel (ALSA-2024:8856)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8856 advisory. kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistration function...

AlmaLinux 8 : xmlrpc-c (ALSA-2024:8859)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8859 advisory. libexpat: Integer Overflow or Wraparound CVE-2024-45491 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 8 : bcc (ALSA-2024:8831)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8831 advisory. bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : krb5 (ALSA-2024:8860)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8860 advisory. freeradius: forgery attack CVE-2024-3596 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has...

AlmaLinux 8 : libtiff (ALSA-2024:8833)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8833 advisory. libtiff: NULL pointer dereference in tifdirinfo.c CVE-2024-7006 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 8 : python-gevent (ALSA-2024:8834)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8834 advisory. python-gevent: privilege escalation via a crafted script to the WSGIServer component CVE-2023-41419 Tenable has extracted the preceding description block directly...

AlmaLinux 8 : kernel-rt (ALSA-2024:8870)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8870 advisory. kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistration function...

AlmaLinux 8 : python3.12-urllib3 (ALSA-2024:8842)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8842 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 Tenable has extracted the preceding description block...

AlmaLinux 8 : python3.11-urllib3 (ALSA-2024:8843)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8843 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 Tenable has extracted the preceding description block...

AlmaLinux 8 : python3.12 (ALSA-2024:8836)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8836 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...

AlmaLinux 8 : grafana-pcp (ALSA-2024:8847)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8847 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : python3.11 (ALSA-2024:8838)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8838 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...