96 matches found
RHCOS 4 : OpenShift Container Platform 4.17.0 (RHSA-2024:3722)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3722 advisory. - go-retryablehttp: url might write sensitive information to log file CVE-2024-6104 - golang: archive/zip: Incorrect handling of...
MiracleLinux 8 : grafana-9.2.10-17.el8_10 (AXSA:2024-8676:11)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8676:11 advisory. golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-2478...
CVE-2024-24789 affecting package golang for versions less than 1.18.8-8
CVE-2024-24789 affecting package golang for versions less than 1.18.8-8. A patched version of the package is available...
K000152445: Golang vulnerability CVE-2024-24789
Security Advisory Description The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The...
TencentOS Server 3: grafana (TSSA-2024:0391)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0391 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 4: golang (TSSA-2024:0493)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0493 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2024-24789
creationtimestamp| type| source ---|---|--- 2025-06-05 04:05:14+00:00| seen| https://bsky.app/profile/securitylab-jp.bsky.social/post/3lqtgw6dhi22u...
Fedora: Security Advisory (FEDORA-2024-3ef0d3c37d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-85a14455ea)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-aa6e72c713)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-d2ec3e14a7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-378ed6dffe)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-8669c2a944)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Alibaba Cloud Linux 3 : 0184: grafana (ALINUX3-SA-2024:0184)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0184 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-24788: A malformed DNS message in...
RLSA-2024:5291 Moderate: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip:...
Linux Distros Unpatched Vulnerability : CVE-2024-24789
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be...
openSUSE Security Advisory (SUSE-SU-2024:1969-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Golang Go [CVE-2024-24789]
Summary IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Golang Go, caused by a flaw with EOCDR comment length handling is inconsistent with other ZIP implementations in the archive/zip package CVE-2024-24789. Golang Go is included as part of the speech...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Golang Go [CVE-2024-24789]
Summary IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Golang Go, caused by a flaw with EOCDR comment length handling is inconsistent with other ZIP implementations in the archive/zip package. CVE-2024-24789. Golang Go is used by our Speech Service...
Fedora 41 : opentofu (2024-8669c2a944)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8669c2a944 advisory. Automatic update for opentofu-1.7.3-3.fc41. Changelog Sat Jul 27 2024 Mikel Olasagasti Uranga - 1.7.3-3 - Fix for CVE-2024-6257 CVE-2024-6104...