32 matches found
TencentOS Server 3: rpm (TSSA-2022:0007)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0007 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Rocky Linux 8 : rpm (RLSA-2021:4489)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4489 advisory. - A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat...
SUSE CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
Ubuntu: Security Advisory (USN-5273-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : rpm (SUSE-SU-2022:3939-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3939-1 advisory. - Fixed PGP parsing bugs bsc1185299. - Fixed various format handling bugs bsc996280. - CVE-2021-3421: Fixed vulnerability where...
SUSE: Security Advisory (SUSE-SU-2022:3939-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AIX is vulnerable to arbitrary code execution and RPM database corruption and denial of service due to RPM.
IBM SECURITY ADVISORY First Issued: Fri Sep 23 09:39:22 CDT 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/rpmadvisory.asc https://aix.software.ibm.com/aix/efixes/security/rpmadvisory.asc...
AlmaLinux 8 : rpm (ALSA-2021:4489)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4489 advisory. - A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat...
Mageia: Security Advisory (MGASA-2021-0167)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : rpm (ELSA-2021-4489)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4489 advisory. - Fixes CVE-2021-20266 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested f...
rpm security, bug fix, and enhancement update
4.14.3-19 - Unbreak in-tree kmod strip by reverting brp-strip fix 1967291 4.14.3-18 - Address important covscan issues 1996665, vol. 2 4.14.3-17 - Address important covscan issues 1996665 4.14.3-16 - Add support for read-only sqlite rpmdb 1938928 - Drop compat .decode method from returned Py3...
CentOS 8 : rpm (CESA-2021:4489)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4489 advisory. - rpm: missing length checks in hdrblobInit CVE-2021-20266 Note that Nessus has not tested for this issue but has instead relied only on the application's...
RHEL 8 : rpm (RHSA-2021:4489)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4489 advisory. The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating...
ALSA-2021:4489 Low: rpm security, bug fix, and enhancement update
The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: missing length checks in hdrblobInit CVE-2021-20266 For more details about the security issues, including t...
RLSA-2021:4489 Low: rpm security, bug fix, and enhancement update
The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: missing length checks in hdrblobInit CVE-2021-20266 For more details about the security issues, including t...
openSUSE 15 Security Update : rpm (openSUSE-SU-2021:1366-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1366-1 advisory. - A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds...
SUSE: Security Advisory (SUSE-SU-2021:3444-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: python2-rpm / python3-rpm / rpm / rpm-32bit / rpm-build / rpm-devel / etc (SUSE-SU-2021:3444-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3444-1 advisory. Security issues fixed: - CVE-2021-3421, CVE-2021-20271, CVE-2021-20266: Multiple header check improvements bsc1183543, bsc1183545,...
openSUSE: Security Advisory for rpm (openSUSE-SU-2021:2682-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:2682-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...