36 matches found
Oracle Linux 9 : fence-agents (ELSA-2026-13672)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13672 advisory. - bundled cryptography: replace with dependency to fix CVE-2026-26007 Tenable has extracted the preceding description block directly from the Oracle...
Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by insufficient verification of data authenticity in PyJWT
Summary IBM Cloud Pak for Data System CPDS 1.0 uses the PyJWT library, a JSON Web Token implementation in Python. CVE-2026-32597 affects PyJWT's validation of the crit Critical Header Parameter as defined in RFC 7515 ยง4.1.11. When a JWS token contains a crit array listing extensions that PyJWT do...
RLSA-2026:19138 Important: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: pyjwt: PyJWT accepts unknown crit header extensions RFC 7515 ?4.1.11 MU...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
RockyLinux 10 : fence-agents (RLSA-2026:13916)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13916 advisory. pyjwt: PyJWT accepts unknown crit header extensions RFC 7515 ?4.1.11 MUST violation CVE-2026-32597 pyasn1: pyasn1 Vulnerable to Denial of Service via...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
fence-agents security update
An update is available for fence-agents. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling...
Oracle Linux 10 : fence-agents (ELSA-2026-13916)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13916 advisory. - bundled pyasn1: replace with dependency to fix CVE-2026-30922 Tenable has extracted the preceding description block directly from the Oracle Linux...
fence-agents security update
4.16.0-13.4 - bundled pyasn1: replace with dependency to fix CVE-2026-30922 - bundled PyJWT: upgrade to v2.12.1 to fix CVE-2026-32597 Resolves: RHEL-157186, RHEL-155667...
RHEL 9 : fence-agents (RHSA-2026:13672)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13672 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
Debian dla-4564 : python3-jwt - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4564 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4564-1 [email protected] https://www.debian.org/lts/security/...
Security Bulletin: IBM Edge Data Collector uses PyJWT-2.10.1-py3-none-any.whl, pyjwt-2.11.0-py3-none-any.whl which is vulnerable to CVE-2026-32597.
Summary IBM Edge Data Collector uses PyJWT-2.10.1-py3-none-any.whl, pyjwt-2.11.0-py3-none-any.whl which is vulnerable to CVE-2026-32597. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-32597 DESCRIPTION: PyJWT is a JSON Web Token implementatio...
Security Bulletin: PyJWT Fails to Validate Critical (crit) Header Parameter, Allowing Token Acceptance
Summary PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit Critical Header Parameter defined in RFC 7515 ยง4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of...
RHEL 8 : fence-agents (RHSA-2026:12176)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:12176 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pyjwt-2.11.0-py3-none-any.whl
Summary IBM Watson Discovery Cartridge affected by vulnerability in pyjwt-2.11.0-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-32597 DESCRIPTION: PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit Critical Header Parameter defined in RFC...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-PyJWT (SUSE-SU-2026:1389-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1389-1 advisory. - CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616. Tenable has extracted the...
Security update for python-PyJWT
This update for python-PyJWT fixes the following issues: CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for python-PyJWT
This update for python-PyJWT fixes the following issues: CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...