AlmaLinux 8 : python3 (ALSA-2024:4243)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4243 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 Tenable has extracted the preceding description block directly fro...

AlmaLinux 8 : kernel (ALSA-2024:4211)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4211 advisory. kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel:TCP-spoofed ghost ACKs and leak leak initial...

AlmaLinux 8 : httpd:2.4/httpd (ALSA-2024:4197)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4197 advisory. httpd:2.4: httpd: HTTP response splitting CVE-2023-38709 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

ALSA-2024:4211 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel:TCP-spoofed ghost ACKs and leak leak initial sequence number...

AlmaLinux 9 : pki-core (ALSA-2024:4165)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4165 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the AlmaLinux security...

ALSA-2024:4165 Important: pki-core security update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: dogtag ca: token authentication bypass vulnerability CVE-2023-4727 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

AlmaLinux 9 : python3.9 (ALSA-2024:4078)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4078 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of service...

AlmaLinux 9 : git (ALSA-2024:4083)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4083 advisory. git: Recursive clones RCE CVE-2024-32002 git: RCE while cloning local repos CVE-2024-32004 git: additional local RCE CVE-2024-32465 git: insecure hardlink...

AlmaLinux 9 : python3.11 (ALSA-2024:4077)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4077 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : git (ALSA-2024:4084)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4084 advisory. git: Recursive clones RCE CVE-2024-32002 git: RCE while cloning local repos CVE-2024-32004 git: additional local RCE CVE-2024-32465 git: insecure hardlink...

AlmaLinux 9 : libreswan (ALSA-2024:4050)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4050 advisory. libreswan: IKEv1 default AH/ESP responder can crash and restart CVE-2024-3652 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : python3.11 (ALSA-2024:4058)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4058 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of service...

AlmaLinux 8 : thunderbird (ALSA-2024:4036)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4036 advisory. thunderbird: Use-after-free in networking CVE-2024-5702 thunderbird: Use-after-free in JavaScript object transplant CVE-2024-5688 thunderbird: External...

AlmaLinux 9 : ghostscript (ALSA-2024:3999)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3999 advisory. ghostscript: OPVP device arbitrary code execution via custom Driver library CVE-2024-33871 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : ghostscript (ALSA-2024:4000)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4000 advisory. ghostscript: OPVP device arbitrary code execution via custom Driver library CVE-2024-33871 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : thunderbird (ALSA-2024:4002)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4002 advisory. thunderbird: Use-after-free in networking CVE-2024-5702 thunderbird: Use-after-free in JavaScript object transplant CVE-2024-5688 thunderbird: External...

AlmaLinux 8 : container-tools:rhel8 bug fix and enhancement update (Medium) (ALSA-2024:3968)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3968 advisory. podman: jose-go: improper handling of highly compressed data CVE-2024-28180 buildah: jose-go: improper handling of highly compressed data CVE-2024-28180...

AlmaLinux 9 : flatpak (ALSA-2024:3959)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3959 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : flatpak (ALSA-2024:3961)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3961 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : firefox (ALSA-2024:3955)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3955 advisory. firefox: Use-after-free in networking CVE-2024-5702 firefox: Use-after-free in JavaScript object transplant CVE-2024-5688 firefox: External protocol...