61 matches found
MiracleLinux 8 : gnutls-3.6.16-8.el8_9.3.ML.1 (AXSA:2024-7683:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7683:04 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 9 : gnutls-3.8.3-4.el9 (AXSA:2024-8060:06)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8060:06 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain building/verification CVE-2024-28835...
Security Bulletin: IBM Storage Ceph is vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the RHEL UBI (CVE-2024-28834)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2024-28834 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2024-28834 DESCRIPTION: GnuTLS could allow a remote authenticated attacker to obtain...
Alibaba Cloud Linux 3 : 0214: gnutls (ALINUX3-SA-2024:0214)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0214 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-0553: A vulnerability was found i...
CVE-2024-28834 affecting package gnutls for versions less than 3.8.3-2
CVE-2024-28834 affecting package gnutls for versions less than 3.8.3-2. A patched version of the package is available...
CVE-2024-28834 affecting package gnutls for versions less than 3.7.11-1
CVE-2024-28834 affecting package gnutls for versions less than 3.7.11-1. A patched version of the package is available...
CLSA-2024-1728056381 gnutls: Fix of CVE-2024-28834
CVE-2024-28834: fix side-channel leak in the deterministic ECDSA...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.1
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.1 Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service, caused by a...
Debian dla-3875 : gnutls-bin - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3875 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3875-1 [email protected]...
[SECURITY] [DLA 3875-1] gnutls28 security update
Debian LTS Advisory DLA-3875-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 05, 2024 https://wiki.debian.org/LTS Package : gnutls28 Version : 3.7.1-5+deb11u6 CVE ID : CVE-2024-28834 CVE-2024-28835 Debian Bug : 1067463 1067464 Vulnerabilities have been...
EulerOS Virtualization 2.11.0 : gnutls (EulerOS-SA-2024-2192)
According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems lik...
EulerOS Virtualization 2.11.1 : gnutls (EulerOS-SA-2024-2167)
According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems lik...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2138)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2167)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2192)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2118)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : gnutls (EulerOS-SA-2024-2138)
According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems lik...
EulerOS Virtualization 2.10.0 : gnutls (EulerOS-SA-2024-2118)
According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems lik...
Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.
Summary IBM MQ Appliance has addressed multiple open source vulnerabilities. Vulnerability Details CVEID:CVE-2023-2162 DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by a use-after-free flaw in the iscsiswtcpsessioncreate function in...
Security Bulletin: Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced.
Summary Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issues. Vulnerability Details CVEID:CVE-2023-4641 DESCRIPTION: shadow-maint shadow-utils could allow a local authenticated attacker to obtain sensitive...