MiracleLinux 9 : gzip-1.10-9.el9 (AXSA:2022-3914:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3914:03 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : gzip-1.9-13.el8 (AXSA:2022-3155:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3155:01 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 7 : gzip-1.5-11.el7 (AXSA:2022-3181:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3181:02 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2022-1271)

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

TencentOS Server 3: gzip (TSSA-2022:0030)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0030 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0030: gzip (ALINUX3-SA-2022:0030)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0030 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-1271: RESERVED This candidate has been...

Alibaba Cloud Linux 3 : 0139: xz (ALINUX3-SA-2022:0139)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0139 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-1271: RESERVED This candidate has been...

Photon OS 3.0: Gzip PHSA-2022-3.0-0382

An update of the gzip package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0382. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...

NewStart CGSL MAIN 5.04 : gzip Vulnerability (NS-SA-2023-0103)

The remote NewStart CGSL host, running version MAIN 5.04, has gzip packages installed that are affected by a vulnerability: - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, thi...

Rocky Linux 9 : gzip (RLSA-2022:4582)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4582 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted fi...

Huawei EulerOS: Security Advisory for gzip (EulerOS-SA-2023-1716)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.0 : gzip (EulerOS-SA-2023-1716)

According to the versions of the gzip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file nam...

EulerOS Virtualization 3.0.2.0 : xz (EulerOS-SA-2023-1739)

According to the versions of the xz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

Security fix for the ALT Linux 9 package gzip version 1.10-alt1.p9.1

1.10-alt1.p9.1 built April 10, 2023 Andrey Cherepanov in task 316771 April 4, 2023 Andrey Cherepanov - Fixed CVE-2022-1271 ALT 44053...

CBL Mariner 2.0 Security Update: gzip (CVE-2022-1271)

The version of gzip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1271 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the...

Important: gzip

Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...

Amazon Linux 2023 : xz, xz-devel, xz-libs (ALAS2023-2023-042)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-042 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU gzip (CVE-2022-1271)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU gzip due to an improper validation of file name by the zgrep utility. CVE-2022-1271 . The GNU gzip component is included as part of the Base OS image that is used by Watson Speech...

Huawei EulerOS: Security Advisory for gzip (EulerOS-SA-2023-1258)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...