6423 matches found
AlmaLinux 8 : fapolicyd (ALSA-2022:1898)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1898 advisory. - A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may...
AlmaLinux 8 : cockpit (ALSA-2022:2008)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2008 advisory. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website,...
AlmaLinux 8 : postgresql:10 (ALSA-2022:1830)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1830 advisory. postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214 Tenable has extracted the preceding description block directly from the...
AlmaLinux 8 : php:7.4 (ALSA-2022:1935)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1935 advisory. php: Local privilege escalation via PHP-FPM CVE-2021-21703 php: SSRF bypass in FILTERVALIDATEURL CVE-2021-21705 Tenable has extracted the preceding...
AlmaLinux 8 : keepalived (ALSA-2022:1930)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1930 advisory. - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property...
AlmaLinux 8 : libssh (ALSA-2022:2031)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2031 advisory. - A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is...
AlmaLinux 8 : qt5-qtsvg (ALSA-2022:1920)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1920 advisory. - Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend called from QPainterPath::addPath...
AlmaLinux 8 : mod_auth_mellon (ALSA-2022:1934)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1934 advisory. - A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by...
AlmaLinux 8 : libtiff (ALSA-2022:1810)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1810 advisory. - Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the invertImage function in the component tiffcrop. CVE-2020-19131 Note that...
AlmaLinux 8 : python39:3.9 and python39-devel:3.9 (ALSA-2022:1763)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1763 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Tenable has extracted the preceding description block directly fro...
AlmaLinux 8 : cairo and pixman (ALSA-2022:1961)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1961 advisory. - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's...
AlmaLinux 8 : container-tools:rhel8 (ALSA-2022:1762)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1762 advisory. psgo: Privilege escalation in 'podman top' CVE-2022-1227 prometheus/clientgolang: Denial of service using InstrumentHandlerCounter CVE-2022-21698 podman:...
AlmaLinux 8 : kernel (ALSA-2022:1988)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1988 advisory. - In uvcscanchainforward of uvcdriver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of...
AlmaLinux 8 : flatpak (ALSA-2022:1792)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1792 advisory. - Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions...
AlmaLinux 8 : webkit2gtk3 (ALSA-2022:1777)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1777 advisory. - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15...
AlmaLinux 8 : zsh (ALSA-2022:2120)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2120 advisory. - In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs...
java-1.8.0-openjdk bug fix and enhancement update
This erratum reinstates changes made to java-1.8.0-openjdk in AlmaLinux 8.6 GA. The original builds for AlmaLinux 8.6 GA will have been superseded by newer binaries released as part of the April 2022 security update for AlmaLinux 8.5. For detailed information on changes in this release, see the...
ALBA-2022:1731 java-1.8.0-openjdk bug fix and enhancement update
This erratum reinstates changes made to java-1.8.0-openjdk in AlmaLinux 8.6 GA. The original builds for AlmaLinux 8.6 GA will have been superseded by newer binaries released as part of the April 2022 security update for AlmaLinux 8.5. For detailed information on changes in this release, see the...
java-11-openjdk bug fix and enhancement update
This erratum reinstates changes made to java-11-openjdk in AlmaLinux 8.6 GA. The original builds for AlmaLinux 8.6 GA will have been superseded by newer binaries released as part of the April 2022 security update for AlmaLinux 8.5. For detailed information on changes in this release, see the...
ALBA-2022:1732 java-11-openjdk bug fix and enhancement update
This erratum reinstates changes made to java-11-openjdk in AlmaLinux 8.6 GA. The original builds for AlmaLinux 8.6 GA will have been superseded by newer binaries released as part of the April 2022 security update for AlmaLinux 8.5. For detailed information on changes in this release, see the...