53 matches found
Photon OS 3.0: Python PHSA-2023-3.0-0704
An update of the python package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0704. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security Bulletin: Vulnerability in certifi affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-37920]
Summary The certifi package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-37920 Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tugra root certificate in Certifi has an...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.7 is vulnerable to multiple Base OS issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.7 is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability...
Security Bulletin: Vulnerability in certifi affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-37920]
Summary The certifi package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2023-37920 Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: Certifi is a curated collection of Root Certificates for validating the...
Security Bulletin: Vulnerability in Certifi affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.
Summary Potential vulnerability in Certifi has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.e . The vulnerability have been addressed. Refer to details for additional information...
Linux Distros Unpatched Vulnerability : CVE-2023-37920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi...
CVE-2023-37920 affecting package python-certifi for versions less than 2023.05.07-1.cm2
CVE-2023-37920 affecting package python-certifi for versions less than 2023.05.07-1.cm2. A patched version of the package is available...
Security Bulletin: Vulnerabilities exists in IBM Netezza Performance Server for Cloud Pak for Data
Summary Vulnerabilities existis in IBM Netezza Performance Server for Cloud Pak for Data is fixed in 11.2.3.3 Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tugra root certificate in Certifi has an unknown impact and attack vector. CWE:CWE-345:...
Photon OS 5.0: Python3 PHSA-2023-5.0-0179
An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0179. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
RHEL 9 : python-certifi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 Note that Nessus has not tested for this issue b...
fence-agents security and bug fix update
4.2.1-129 - bundled urllib3: fix CVE-2023-45803 Resolves: RHEL-18132 - bundled pycryptodome: fix CVE-2023-52323 Resolves: RHEL-20915 - bundled jinja2: fix CVE-2024-22195 Resolves: RHEL-22174 4.2.1-127 - fencescsi: fix registration handling if ISID conflicts Resolves: RHEL-5397 - fencezvmip:...
RHEL 6 : python-certifi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 Note that Nessus has not tested for this issue b...
RHEL 7 : python-certifi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 Note that Nessus has not tested for this issue b...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. CVE-2023-37920
Summary IBM Maximo Application Suite - Visual Inspection Component : Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates...
Security Bulletin: IBM Maximo Application Suite uses certifi-2023.5.7-py3-none-any.whl which is vulnerable to CVE-2023-37920
Summary IBM Maximo Application Suite uses certifi-2023.5.7-py3-none-any.whl which is vulnerable to CVE-2023-37920. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tug...
CentOS 9 : fence-agents-4.10.0-56.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the fence- agents-4.10.0-56.el9 build changelog. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity o...
RHEL 8 : fence-agents (RHSA-2023:7528)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7528 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2023.
Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF028 and 23.0.1-IF006. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By...
fence-agents security update
4.2.1-121.2 - bundled urllib3: fix CVE-2023-43804 Resolves: RHEL-11988 - bundled certifi: fix CVE-2023-37920 Resolves: RHEL-6972...
CentOS 8 : fence-agents (CESA-2024:0133)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0133 advisory. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts...