SUSE-SU-2026:2254-1 Security update 5.0.8 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Security Fixes: - CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter was updated from version 1.5.0 to 1.10.2: - Security Fixes: - Version...

openSUSE 16 Security Update : google-osconfig-agent (openSUSE-SU-2026:20815-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20815-1 advisory. This update for google-osconfig-agent fixes the following issues - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too...

OPENSUSE-SU-2026:20815-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers bsc1236533. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...

RHCOS 4 : Red Hat build of MicroShift 4.14.24 (RHSA-2024:2671)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2671 advisory. - golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 Note that Nessus has not tested for this...

RHCOS 4 : Red Hat build of MicroShift 4.15.12 (RHSA-2024:2667)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2667 advisory. - golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 Note that Nessus has not tested for this...

Security update for google-guest-agent (important)

openSUSE security update: security update for google-guest-agent ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20609-1 Rating: important References: bsc1234563 bsc1236533 bsc1239763 bsc1239866 bsc1243254 bsc1243505 Cross-References: CVE-2023-45288...

OPENSUSE-SU-2026:20609-1 Security update for google-guest-agent

This update for google-guest-agent fixes the following issues: Update to version 20250506.01 bsc1243254, bsc1243505. Security issues fixed: - CVE-2024-45337: golang.org/x/crypto/ssh: misuse of the ServerConfig.PublicKeyCallback callback can lead to authorization bypass in applications bsc1234563....

SUSE-SU-2026:20486-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers bsc1236533...

SUSE-SU-2026:20483-1 Security update for google-guest-agent

This update for google-guest-agent fixes the following issues: - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers bsc1236533...

MiracleLinux 9 : golang-1.20.12-4.el9_3 (AXSA:2024-7718:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7718:03 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 CVE-2023-45288 An attacker may cause an HTTP/2 endpoint to...

MiracleLinux 9 : git-lfs-3.4.1-1.el9 (AXSA:2024-7894:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7894:02 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288,VU421644.3 Tenable has extracted the preceding description...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-7720:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7720:01 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 Tenable has extracted the preceding description block direct...

MiracleLinux 8 : git-lfs-3.4.1-2.el8 (AXSA:2024-8248:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8248:04 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of...

MiracleLinux 8 : git-lfs-3.2.0-3.el8_9 (AXSA:2024-7734:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7734:01 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288,VU421644.3 Tenable has extracted the preceding description...

Security Bulletin: IBM Storage Ceph is vulnerable to Exposure of Sensitive Information Through Data Queries in Golang Go (CVE-2023-45288)

Summary Golang Go is used by IBM Storage Ceph as part of RGW and in assorted other locations. CVE-2023-45288 Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION...

SUSE SLES15 / openSUSE 15 Security Update : golang-github-prometheus-alertmanager (SUSE-SU-2025:01992-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01992-1 advisory. - Security: CVE-2025-22870: Fix proxy bypassing using IPv6 zone IDs bsc1238686 CVE-2023-45288: Fix HTTP/2 CONTINUATION flood in...

SUSE SLES15 / openSUSE 15 Security Update : golang-github-prometheus-prometheus (SUSE-SU-2025:01990-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01990-1 advisory. - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bump golang.org/x/net to...

SUSE SLES15 / openSUSE 15 Security Update : Multi-Linux Manager Client Tools (SUSE-SU-2025:01989-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01989-1 advisory. golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 fo...

SUSE SLES12 Security Update : Multi-Linux Manager Client Tools (SUSE-SU-2025:01987-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01987-1 advisory. golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building...

Security Bulletin: IBM Storage Fusion is affected by exposure of information through cross-site scripting or data queries (CVE-2023-45288, CVE-2023-3978)

Summary IBM Storage Fusion Data Foundation uses HTTP to communicate. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-45288, CVE-2023-3978. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: An attacker may cause an HTTP/...