107 matches found
MiracleLinux 8 : c-ares-1.13.0-6.el8.2 (AXSA:2023-6142:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6142:03 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 Tenable has extracted the preceding description block directly from the MiracleLinux security...
MiracleLinux 7 : c-ares-1.10.0-3.el7.1 (AXSA:2023-6131:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6131:02 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 Tenable has extracted the preceding description block directly from the MiracleLinux security...
TencentOS Server 2: c-ares (TSSA-2023:0128)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0128 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: jshttp cooki...
CVE-2023-32067 affecting package grpc for versions less than 1.42.0-8
CVE-2023-32067 affecting package grpc for versions less than 1.42.0-8. A patched version of the package is available...
NewStart CGSL MAIN 6.02 : c-ares Multiple Vulnerabilities (NS-SA-2024-0066)
The remote NewStart CGSL host, running version MAIN 6.02, has c-ares packages installed that are affected by multiple vulnerabilities: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnam...
Photon OS 5.0: Python3 PHSA-2023-5.0-0084
An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0084. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CBL Mariner 2.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-32067)
The version of c-ares / fluent-bit / grpc / nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32067 advisory. - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of...
CVE-2023-32067 affecting package grpc for versions less than 1.62.0-2
CVE-2023-32067 affecting package grpc for versions less than 1.62.0-2. An upgraded version of the package is available that resolves this issue...
CentOS 8 : c-ares (CESA-2023:3584)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3584 advisory. - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP...
EulerOS 2.0 SP8 : c-ares (EulerOS-SA-2023-3115)
According to the versions of the c-ares packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, a...
EulerOS Virtualization 2.11.1 : c-ares (EulerOS-SA-2023-2718)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in...
EulerOS Virtualization 2.11.0 : c-ares (EulerOS-SA-2023-2749)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in...
EulerOS Virtualization 3.0.6.0 : c-ares (EulerOS-SA-2023-3421)
According to the versions of the c-ares packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE wil...
EulerOS Virtualization 2.9.0 : c-ares (EulerOS-SA-2023-2977)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...
EulerOS 2.0 SP11 : c-ares (EulerOS-SA-2023-2676)
According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular...
CVE-2023-32067 affecting package python-gevent for versions less than 21.1.2-3
CVE-2023-32067 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3115)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-32067 affecting package fluent-bit for versions less than 2.1.10-1
CVE-2023-32067 affecting package fluent-bit for versions less than 2.1.10-1. An upgraded version of the package is available that resolves this issue...
NewStart CGSL MAIN 6.06 : c-ares Vulnerability (NS-SA-2023-0136)
The remote NewStart CGSL host, running version MAIN 6.06, has c-ares packages installed that are affected by a vulnerability: - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet wit...