130 matches found
SUSE-SU-2026:2493-1 Security update for containerized-data-importer
This update for containerized-data-importer fixes the following issues: - Security: re-vendor Go dependencies to address CVEs tracked against containerized-data-importer backport of upstream PR 4110, post-v1.65.0. Fixed by this update: google.golang.org/grpc 1.65.0 - 1.79.3: bsc1260295...
SUSE-SU-2026:2468-1 Security update for amazon-ssm-agent
This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: - CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239342. - CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238702. ...
SUSE-SU-2026:2254-1 Security update 5.0.8 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Security Fixes: - CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter was updated from version 1.5.0 to 1.10.2: - Security Fixes: - Version...
Security Bulletin: IBM Event Streams is vulnerable to proxy bypass
Summary IBM Event Streams is vulnerable to proxy bypass due to improper handling of IPv6 zoneID CVE-2025-22870 Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPRO...
SUSE-SU-2026:0592-1 Security update for vexctl
This update for vexctl fixes the following issues: - Update to version 0.4.1+git78.f951e3a: - CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 - CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...
SUSE SLES15: apptainer / apptainer-leap / apptainer-sle15_6 / apptainer-sle15_7 / etc (SUSE-SU-2026:0439-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0439-1 advisory. Security fixes: - CVE-2024-45310: Fixed runc being tricked into creating empty files/directories on host bsc1257432 -...
Security Bulletin: Vulnerability in golang.org/x/net affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.
Summary Vulnerability in golang.org/x/net affect IBM® Db2® Big SQL 7.8 on IBM Cloud Pak for Data 5.1 and earlier. Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of Input in golang.org/x/net/proxy [CVE-2025-22870]
Summary IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of Input in golang.org/x/net/proxy, due to matching of hosts against proxy patterns which can improperly treat an IPv6 zone ID as a hostname component CVE-2025-22870. Golang is used in our speech utilities. This...
Fedora 41 : git-lfs (2025-5872b9ec46)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5872b9ec46 advisory. Update to latest version 2404637 Fix CVE-2025-22870, CVE-2025-47910, CVE-2025-47906, CVE-2025-26625 Tenable has extracted the preceding description...
Fedora: Security Advisory (FEDORA-2025-3d0ada20e1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-3afa669ec0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-a6574c5095)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-4af86bb0f8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-90442d9001)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-9b9074cb93)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-59acaa6bd9)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in golang.org/x/net-v0.25.0
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of golang.org/x/net-v0.25.0 Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely...
Fedora 41 : apptainer (2025-5b1e8725d7)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-5b1e8725d7 advisory. Update to upstream 1.4.2, fix CVE-2025-22870 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
Security Bulletin: Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak
Summary Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak. Go is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...
Fedora: Security Advisory (FEDORA-2025-19c41f754c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...