AlmaLinux 9 : libreoffice (ALSA-2024:5583)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5583 advisory. libreoffice: bility to trust not validated macro signatures removed in high security mode CVE-2024-6472 Tenable has extracted the preceding description block...

AlmaLinux 9 : python3.12-setuptools (ALSA-2024:5533)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5533 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

AlmaLinux 9 : curl (ALSA-2024:5529)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5529 advisory. curl: HTTP/2 push headers memory-leak CVE-2024-2398 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 9 : tomcat (ALSA-2024:5693)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5693 advisory. tomcat: Improper Handling of Exceptional Conditions CVE-2024-34750 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : python3.11-setuptools (ALSA-2024:5532)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5532 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

AlmaLinux 8 : libreoffice (ALSA-2024:5598)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5598 advisory. libreoffice: bility to trust not validated macro signatures removed in high security mode CVE-2024-6472 Tenable has extracted the preceding description block...

AlmaLinux 8 : python3.12-setuptools (ALSA-2024:5531)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5531 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

AlmaLinux 8 : curl (ALSA-2024:5654)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5654 advisory. curl: HTTP/2 push headers memory-leak CVE-2024-2398 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : python-setuptools (ALSA-2024:5530)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5530 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

AlmaLinux 8 : tomcat (ALSA-2024:5694)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5694 advisory. tomcat: Improper Handling of Exceptional Conditions CVE-2024-34750 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:5258)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...

Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...

AlmaLinux 9 : 389-ds-base (ALSA-2024:5192)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5192 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service CVE-2024-5953 389-ds-base: unauthenticated user can trigger a DoS by sending a specif...

ALSA-2024:5294 Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...

AlmaLinux 8 : httpd:2.4 (ALSA-2024:5193)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5193 advisory. httpd: Security issues via?backend applications whose response headers are malicious or exploitable CVE-2024-38476 Tenable has extracted the preceding description...

AlmaLinux 8 : kernel (ALSA-2024:5101)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5101 advisory. kernel: powerpc: Fix access beyond end of drmem array CVE-2023-52451 kernel: efivarfs: force RO when remounting if SetVariable is not supported...

AlmaLinux 8 : kernel-rt (ALSA-2024:5102)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5102 advisory. kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure traceclockglobal to never block...

AlmaLinux 9 : httpd (ALSA-2024:5138)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5138 advisory. httpd: Security issues via?backend applications whose response headers are malicious or exploitable CVE-2024-38476 Tenable has extracted the preceding description...

AlmaLinux 8 : libtiff (ALSA-2024:5079)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5079 advisory. libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tifdirread.c CVE-2018-15209 libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c...

AlmaLinux 9 : squid (ALSA-2024:4861)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4861 advisory. squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Out-of-bounds write error may lead to Denial o...