24 matches found
CVE-2021-24032 affecting package ceph for versions less than 18.2.2-5
CVE-2021-24032 affecting package ceph for versions less than 18.2.2-5. A patched version of the package is available...
CBL Mariner 2.0 Security Update: CBL-Mariner Releases / ceph / zstd (CVE-2021-24032)
The version of CBL-Mariner Releases / ceph / zstd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-24032 advisory. - Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for...
Photon OS 3.0: Zstd PHSA-2022-3.0-0431
An update of the zstd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0431. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update
Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2021-24032 affecting package ceph for versions less than 16.2.10-3
CVE-2021-24032 affecting package ceph for versions less than 16.2.10-3. A patched version of the package is available...
BELL-CVE-2021-24032 CVE-2021-24032 does not affect BellSoft software
Bulletin has no description...
SUSE CVE-2021-24032
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to...
Ubuntu 16.04 ESM : Zstandard vulnerabilities (USN-5720-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5720-1 advisory. It was discovered that Zstandard was not properly managing file permissions when generating output files. A local attacker could possibly use this issue ...
EulerOS 2.0 SP8 : zstd (EulerOS-SA-2021-2490)
According to the versions of the zstd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions matching the...
CVE-2021-24032 affecting package zstd 1.4.4-1
CVE-2021-24032 affecting package zstd 1.4.4-1. An upgraded version of the package is available that resolves this issue...
EulerOS 2.0 SP9 : zstd (EulerOS-SA-2021-2286)
According to the versions of the zstd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with...
EulerOS Virtualization 2.9.1 : zstd (EulerOS-SA-2021-2177)
According to the versions of the zstd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created...
Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2021-2177)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2021-2201)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated zstd packages fix a security vulnerability
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to...
SUSE: Security Advisory (SUSE-SU-2021:0948-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for zstd (openSUSE-SU-2021:0481-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : zstd (openSUSE-2021-481)
This update for zstd fixes the following issues : - CVE-2021-24031: Added read permissions to files while being compressed or uncompressed bsc1183371. - CVE-2021-24032: Fixed a race condition which could have allowed an attacker to access world-readable destination file bsc1183370. This update wa...
OPENSUSE-SU-2021:0481-1 Security update for zstd
This update for zstd fixes the following issues: - CVE-2021-24031: Added read permissions to files while being compressed or uncompressed bsc1183371. - CVE-2021-24032: Fixed a race condition which could have allowed an attacker to access world-readable destination file bsc1183370. This update was...
SUSE SLED15 / SLES15 Security Update : zstd (SUSE-SU-2021:0948-1)
This update for zstd fixes the following issues : CVE-2021-24031: Added read permissions to files while being compressed or uncompressed bsc1183371. CVE-2021-24032: Fixed a race condition which could have allowed an attacker to access world-readable destination file bsc1183370. Note that Tenable...