AlmaLinux 8 : 389-ds (ALSA-2024:4235)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4235 advisory. 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request CVE-2024-3657 389-ds-base: Malformed userPassword may cause crash a...

AlmaLinux 8 : libreoffice (ALSA-2024:4242)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4242 advisory. libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic CVE-2024-3044 Tenable has extracted the...

AlmaLinux 8 : go-toolset (ALSA-2024:4237)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4237 advisory. golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6...

AlmaLinux 9 : golang (ALSA-2024:4212)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4212 advisory. golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6...

AlmaLinux 8 : container-tools (ALSA-2024:4246)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4246 advisory. golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-24786...

AlmaLinux 8 : c-ares (ALSA-2024:4249)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4249 advisory. c-ares: Out of bounds read in aresreadline CVE-2024-25629 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 8 : python-jinja2 (ALSA-2024:4231)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4231 advisory. jinja2: accepts keys containing non-attribute characters CVE-2024-34064 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : python3.11-PyMySQL (ALSA-2024:4244)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4244 advisory. python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : iperf3 (ALSA-2024:4241)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4241 advisory. iperf3: possible denial of service CVE-2023-7250 iperf3: vulnerable to marvin attack if the authentication option is used CVE-2024-26306 Tenable has...

AlmaLinux 8 : less (ALSA-2024:4256)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4256 advisory. less: OS command injection CVE-2024-32487 less: missing quoting of shell metacharacters in LESSCLOSE handling CVE-2022-48624 Tenable has extracted the...

AlmaLinux 8 : openldap (ALSA-2024:4264)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4264 advisory. openldap: null pointer dereference in bermemallocx function CVE-2023-2953 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

AlmaLinux 8 : fontforge (ALSA-2024:4267)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4267 advisory. fontforge: command injection via crafted filenames CVE-2024-25081 fontforge: command injection via crafted archives or compressed files CVE-2024-25082...

AlmaLinux 8 : python-pillow (ALSA-2024:4227)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4227 advisory. python-pillow: buffer overflow in imagingcms.c CVE-2024-28219 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 8 : cups (ALSA-2024:4265)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4265 advisory. cups: Cupsd Listen arbitrary chmod 0140777 CVE-2024-35235 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 9 : qemu-kvm (ALSA-2024:4278)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4278 advisory. qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write CVE-2024-4467 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : xmlrpc-c (ALSA-2024:4259)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4259 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 Tenable has extracted the preceding description block directly from the AlmaLinux securi...

AlmaLinux 8 : python3 (ALSA-2024:4245)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4245 advisory. python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : nghttp2 (ALSA-2024:4252)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4252 advisory. nghttp2: CONTINUATION frames DoS CVE-2024-28182 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Ness...

AlmaLinux 8 : libuv (ALSA-2024:4247)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4247 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the AlmaLin...

AlmaLinux 8 : python-idna (ALSA-2024:4260)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4260 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description block...