AlmaLinux 9 : ruby:3.3 (ALSA-2024:6785)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6785 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace characte...

AlmaLinux 8 : firefox (ALSA-2024:6682)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:6682 advisory. firefox: 115.15/128.2 ESR mozilla: Type confusion when looking up a property name in a with block CVE-2024-8381 mozilla: Internal event interfaces were...

AlmaLinux 8 : pcs (ALSA-2024:6670)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6670 advisory. rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, and CVE-2024-41123 rexml: DoS vulnerability in...

AlmaLinux 9 : emacs (ALSA-2024:6510)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6510 advisory. emacs: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code CVE-2024-39331 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : 389-ds:1.4 (ALSA-2024:6569)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6569 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service CVE-2024-5953 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 9 : dovecot (ALSA-2024:6529)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6529 advisory. dovecot: using a large number of address headers may trigger a denial of service CVE-2024-23184 dovecot: very large headers can cause resource exhaustion...

AlmaLinux 9 : glib2 (ALSA-2024:6464)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6464 advisory. glib2: Signal subscription vulnerabilities CVE-2024-34397 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 8 : bubblewrap and flatpak (ALSA-2024:6422)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6422 advisory. flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 Tenable has extracted the preceding description block directly from th...

AlmaLinux 9 : bubblewrap and flatpak (ALSA-2024:6356)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6356 advisory. flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 Tenable has extracted the preceding description block directly from th...

AlmaLinux 8 : fence-agents (ALSA-2024:6309)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6309 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 pypa/setuptools: Remote code execution via downlo...

AlmaLinux 8 : resource-agents (ALSA-2024:6311)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6311 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 pypa/setuptools: Remote code execution via downlo...

AlmaLinux 9 : orc (ALSA-2024:6184)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6184 advisory. orc: Stack-based buffer overflow vulnerability in ORC CVE-2024-40897 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : containernetworking-plugins (ALSA-2024:6186)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:6186 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 Tenable has extracted the preceding description block direct...

AlmaLinux 9 : ghostscript (ALSA-2024:6197)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6197 advisory. ghostscript: format string injection leads to shell command execution SAFER bypass CVE-2024-29510 ghostscript: path traversal and command execution due to...

AlmaLinux 9 : wget (ALSA-2024:6192)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:6192 advisory. wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : runc (ALSA-2024:6188)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:6188 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 Tenable has extracted the preceding description block direct...

AlmaLinux 9 : python3.9 (ALSA-2024:6163)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6163 advisory. cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection CVE-2024-6923 Tenable has extracted the preceding...

AlmaLinux 9 : podman (ALSA-2024:6194)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6194 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 go-retryablehttp: url might write sensitive...

AlmaLinux 9 : krb5 (ALSA-2024:6166)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6166 advisory. krb5: GSS message token handling CVE-2024-37371 krb5: GSS message token handling CVE-2024-37370 Tenable has extracted the preceding description block...

AlmaLinux 9 : python3.11 (ALSA-2024:6179)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6179 advisory. cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection CVE-2024-6923 Tenable has extracted the preceding...