AlmaLinux 9 : golang (ALSA-2024:7550)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:7550 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 9 : linux-firmware (ALSA-2024:7484)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7484 advisory. kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity CVE-2023-20584 kernel: hw: amd:Incomplete system memo...

AlmaLinux 9 : thunderbird (ALSA-2024:7552)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:7552 advisory. thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox: thunderbird...

AlmaLinux 9 : firefox (ALSA-2024:7505)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7505 advisory. firefox: 115.16/128.3 ESR firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and...

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:7502)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:7502 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : linux-firmware (ALSA-2024:7481)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7481 advisory. kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity CVE-2023-20584 kernel: hw: amd:Incomplete system memo...

AlmaLinux 8 : cups-filters (ALSA-2024:7463)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7463 advisory. cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source cups-filters: libcupsfilters: cfGetPrinterAttributes API does no...

AlmaLinux 8 : grafana (ALSA-2024:7349)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:7349 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 Tenable has extracted the preceding description block directly from th...

AlmaLinux 9 : cups-filters (ALSA-2024:7346)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7346 advisory. cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source cups-filters: libcupsfilters: cfGetPrinterAttributes API does no...

AlmaLinux 9 : net-snmp (ALSA-2024:7260)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7260 advisory. net-snmp: A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. CVE-2022-24805 : net-snmp: Imprope...

AlmaLinux 8 : osbuild-composer (ALSA-2024:7262)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7262 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 encoding/gob: golang: Calling Decoder.Decode on a message...

AlmaLinux 9 : osbuild-composer (ALSA-2024:7204)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:7204 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...

AlmaLinux 8 : git-lfs (ALSA-2024:7135)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:7135 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...

AlmaLinux 9 : git-lfs (ALSA-2024:7136)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:7136 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...

AlmaLinux 8 : python3.11 (ALSA-2024:6962)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6962 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 cpython: python: email module doesn't properly quotes newlines in email headers, allowing...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:6969)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6969 advisory. golang: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: crypto/x509: Verify panics on certificates with an unknown public...

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2024:6964)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6964 advisory. QEMU: virtio: DMA reentrancy issue leads to double free vulnerability CVE-2024-3446 QEMU: Denial of Service via Improper Synchronization in QEMU NBD Serve...

AlmaLinux 9 : golang (ALSA-2024:6913)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6913 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions...

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:6908)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6908 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions...

AlmaLinux 8 : dovecot (ALSA-2024:6973)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6973 advisory. dovecot: using a large number of address headers may trigger a denial of service CVE-2024-23184 dovecot: very large headers can cause resource exhaustion...