6423 matches found
AlmaLinux 9 : thunderbird (ALSA-2023:6191)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:6191 advisory. - VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. CVE-2023-44488 - It was possible for certain browser prompts and...
AlmaLinux 9 : libguestfs-winsupport (ALSA-2023:6167)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:6167 advisory. - A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if th...
AlmaLinux 9 : nginx:1.22 (ALSA-2023:6120)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:6120 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description block...
AlmaLinux 8 : varnish (ALSA-2023:5989)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5989 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description block...
AlmaLinux 8 : python39:3.9 and python39-devel:3.9 (ALSA-2023:5998)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5998 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus h...
AlmaLinux 8 : python27:2.7 (ALSA-2023:5994)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5994 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus h...
AlmaLinux 8 : python3 (ALSA-2023:5997)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5997 advisory. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP...
AlmaLinux 9 : toolbox (ALSA-2023:6077)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:6077 advisory. - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total...
ALSA-2023:6077 Moderate: toolbox security update
The rhel9/toolbox container image can be used with Toolbox to obtain AlmaLinux based containerized command line environments to aid with development and software testing. Toolbox is built on top of Podman and other standard container technologies from OCI. This updates the rhel9/toolbox image in...
Moderate: toolbox security update
The rhel9/toolbox container image can be used with Toolbox to obtain AlmaLinux based containerized command line environments to aid with development and software testing. Toolbox is built on top of Podman and other standard container technologies from OCI. This updates the rhel9/toolbox image in...
AlmaLinux 8 : tomcat (ALSA-2023:5928)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5928 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...
AlmaLinux 9 : varnish (ALSA-2023:5924)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5924 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...
AlmaLinux 8 : java-11-openjdk (ALSA-2023:5742)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5742 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:...
AlmaLinux 9 : java-17-openjdk (ALSA-2023:5753)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5753 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported...
AlmaLinux 8 : java-17-openjdk (ALSA-2023:5751)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5751 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported...
AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2023:5733)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5733 advisory. OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path...
AlmaLinux 8 : java-1.8.0-openjdk (ALSA-2023:5731)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5731 advisory. OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path...
AlmaLinux 9 : java-11-openjdk (ALSA-2023:5744)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5744 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:...
AlmaLinux 9 : tomcat (ALSA-2023:5929)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5929 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...
AlmaLinux 9 : php (ALSA-2023:5926)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5926 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, passwordverify function may accept some invalid Blowfish hashes as valid. If suc...