410 matches found
SUSE-SU-2026:2254-1 Security update 5.0.8 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Security Fixes: - CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter was updated from version 1.5.0 to 1.10.2: - Security Fixes: - Version...
Security Bulletin: FDB
Summary The library is included as part of the GO installed and not directly affect the product in any means. The go version has been updated since then and has been fixed. This only affect pre-CPD 4.5 Vulnerability Details CVEID:CVE-2022-21698 DESCRIPTION: Prometheus Go client library clientgola...
Security Bulletin: Multiple vulnerabilities that affects IBM Db2 Data Management Console (CVE-2023-39325, CVE-2022-21698)
Summary github.com/prometheus/clientgolang, golang.org/x/net are dependency packages used by IBM Db2 Data Management Console . This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID:CVE-2023-39325 DESCRIPTION: A malicious HTTP/2 client which rapid...
TencentOS Server 3: podman (TSSA-2022:0193)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0193 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 3: skopeo (TSSA-2022:0189)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0189 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2022-21698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP servers and...
Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cri-o / keda / kube-vip-cloud-provider / kured / moby-engine / node-problem-detector (CVE-2022-21698)
The version of application-gateway-kubernetes-ingress / cri-o / keda / kube-vip-cloud-provider / kured / moby-engine / node-problem-detector installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-21698...
Fedora 37 : cadvisor / containerd / golang-github-cloudflare-redoctober / etc (2022-cd92e4cc43)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-cd92e4cc43 advisory. Rebuild to mitigate CVE-2022-21698 rhbz2067400. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 37 : golang-github-distribution-3 (2022-741325e9a0)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-741325e9a0 advisory. Update to 3.0.0 pre1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...
Security Bulletin: Potential Denial of Service in IBM Storage Defender - Data Protect
Summary IBM Storage Defender - Data Protect is potentially vulnerable to a denial of service attack via CVE-2022-21698. Vulnerability Details CVEID:CVE-2022-21698 DESCRIPTION: Prometheus Go client library clientgolang is vulnerable to a denial of service, caused by a flaw when handling requests...
Fedora: Security Advisory (FEDORA-2023-0c6723004f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-21698 affecting package prometheus-process-exporter for versions less than 0.8.2-1
CVE-2022-21698 affecting package prometheus-process-exporter for versions less than 0.8.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-21698 affecting package multus for versions less than 4.0.2-1
CVE-2022-21698 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-21698 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.2-2
CVE-2022-21698 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.2-2. A patched version of the package is available...
CVE-2022-21698 affecting package keda for versions less than 2.14.0-1
CVE-2022-21698 affecting package keda for versions less than 2.14.0-1. An upgraded version of the package is available that resolves this issue...
RHEL 7 : prometheus_client_golang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - prometheus/clientgolang: Denial of service using InstrumentHandlerCounter CVE-2022-21698 Note that Nessus has not...
CVE-2022-21698 affecting package cri-o for versions less than 1.21.7-2
CVE-2022-21698 affecting package cri-o for versions less than 1.21.7-2. A patched version of the package is available...
RHEL 8 : Release of OpenShift Serverless Client kn 1.24.0 (Important) (RHSA-2022:6042)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6042 advisory. Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered a...
RHEL 7 / 8 : OpenShift Virtualization 4.10.1 RPMs (RHSA-2022:4667)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4667 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
CVE-2022-21698 affecting package moby-engine for versions less than 25.0.3-1
CVE-2022-21698 affecting package moby-engine for versions less than 25.0.3-1. An upgraded version of the package is available that resolves this issue...