89 matches found
MiracleLinux 8 : libuv-1.41.1-2.el8_10 (AXSA:2024-8516:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8516:01 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...
K000152876: libuv vulnerability CVE-2024-24806
Security Advisory Description libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be...
F5 Networks BIG-IP : libuv vulnerability (K000152876)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000152876 advisory. libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in...
TencentOS Server 4: libuv (TSSA-2024:0609)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0609 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: libuv (TSSA-2024:0314)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0314 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0185: libuv (ALINUX3-SA-2024:0185)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0185 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-24806: libuv is a multi-platform support...
RLSA-2024:4756 Moderate: libuv security update
libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
RLSA-2024:4247 Moderate: libuv security update
libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
RockyLinux 9 : libuv (RLSA-2024:4756)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4756 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-24806 DESCRIPTION: libuv is vulnerable to server-side request forgery, caused...
Linux Distros Unpatched Vulnerability : CVE-2024-24806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart...
Azure Linux 3.0 Security Update: cmake / libuv / nodejs / nodejs18 / python-gevent (CVE-2024-24806)
The version of cmake / libuv / nodejs / nodejs18 / python-gevent installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24806 advisory. - libuv is a multi-platform support library with a focus on...
Advisory ROSA-SA-2025-2605
software: libuv 1.44.2 OS: ROSA-CHROME packageevrstring: libuv-1.44.2-2 CVE-ID: CVE-2024-24806 BDU-ID: 2024-02979 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the uvgetaddrinfo function src/unix/getaddrinfo.c, src/win/getaddrinfo.c of the libuv asynchronous I/O library is related to insufficient...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libuv (SUSE-SU-2024:4109-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4109-1 advisory. - CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724 Tenable...
openSUSE Security Advisory (SUSE-SU-2024:4109-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for libuv
This update for libuv fixes the following issues: CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
SUSE-SU-2024:4109-1 Security update for libuv
This update for libuv fixes the following issues: - CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724...
Moderate: Red Hat Security Advisory: libuv security update
An update for libuv is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHEL 8 : libuv (RHSA-2024:8132)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8132 advisory. libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.21 LTS, 12.0.4 LTS and 12.4.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...