28 matches found
MiracleLinux 9 : pcs-0.11.1-10.el9.1.ML.1 (AXSA:2022-4107:07)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4107:07 advisory. sinatra: path traversal possible outside of public_dir when serving static files CVE-2022-29970 Tenable has extracted the preceding description block directly...
Ubuntu: Security Advisory (USN-7664-1)
The remote host is missing an update for the... (SPDX-FileCopyrightText: 2025 Greenbone AG; SPDX-License-Identifier: GPL-2.0-only)
Linux Distros Unpatched Vulnerability : CVE-2022-29970
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. CVE-2022-29970 Note that Nessus relies on the presenc...
Debian dla-3877 : ruby-rack-protection - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3877 advisory. Debian LTS Advisory DLA-3877-1 [email protected]...
Important: Red Hat Security Advisory: Satellite 6.12 Release
An update is now available for Red Hat Satellite 6.12. The release contains a new version of Satellite and important security fixes for various components. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring ...
RLSA-2022:8506 Important: Satellite 6.12 Release
Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: netty-codec: Bzip2Decoder doesn't allow setting...
[SECURITY] [DLA 3166-1] ruby-sinatra security update
Debian LTS Advisory DLA-3166-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta October 28, 2022 https://wiki.debian.org/LTS -...
Debian dla-3166 : ruby-rack-protection - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3166 advisory. Debian LTS Advisory DLA-3166-1 [email protected] https://www.debian.org/lts/security/...
Mageia: Security Advisory (MGASA-2022-0280)
The remote host is missing an update for the... (SPDX-FileCopyrightText: 2022 Greenbone AG; SPDX-License-Identifier: GPL-2.0-only)
Updated ruby-sinatra packages fix security vulnerability
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. CVE-2022-29970...
MGASA-2022-0280 Updated ruby-sinatra packages fix security vulnerability
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. CVE-2022-29970...
Rocky Linux 8 : pcs (RLSA-2022:4661)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4661 advisory. - Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. CVE-2022-29970 Note that Nessus has not tested for...
Oracle Linux 9 : pcs (ELSA-2022-9513)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9513 advisory. 0.11.1-10.el90.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081333 0.11.1-10 - Fixed snmp client - Fixed translating resource roles i...
SUSE-SU-2022:2046-1 Security update for rubygem-sinatra
This update for rubygem-sinatra fixes the following issues: - CVE-2022-29970: Fixed possible path traversal outside of public_dir when serving static files bsc1199138...
AlmaLinux 8 : pcs (ALSA-2022:4661)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:4661 advisory. - Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. CVE-2022-29970 Note that Nessus has not tested for thi...
Oracle Linux 8 : pcs (ELSA-2022-9416)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9416 advisory. 0.10.12-6.0.1.el86.1 - Replace HAM-logo.png with a generic one 0.10.12-6.el86.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081331...
ALSA-2022:4661 Important: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: path traversal possible outside of public_dir when serving static files CVE-2022-29970 For more details about the security issues, including the impact, a CVSS score,...
Important: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: path traversal possible outside of public_dir when serving static files CVE-2022-29970 For more details about the security issues, including the impact, a CVSS score,...
Important: Red Hat Security Advisory: pcs security update
An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Important: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: path traversal possible outside of public_dir when serving static files CVE-2022-29970 For more details about the security issues, including the impact, a CVSS score,...