CentOS 8 : unbound (CESA-2020:2416)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2416 advisory. - unbound: amplification of an incoming query into a large number of queries directed to a target CVE-2020-12662 - unbound: infinite loop via malformed...

CentOS 8 : squid:4 (CESA-2020:2041)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2041 advisory. - squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow CVE-2019-12519 - squid: parsing of header...

CentOS 8 : fontforge (CESA-2020:4844)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:4844 advisory. - fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport CVE-2020-25690 Note that Nessus has not tested for this issue but has instead relied only on...

CentOS 8 : firefox (CESA-2020:2828)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:2828 advisory. - Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12417 - Mozilla: Information disclosure due to manipulated U...

CentOS 8 : freerdp and vinagre (CESA-2020:4647)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4647 advisory. - freerdp: Out of bound read in cliprdrserverreceivecapabilities CVE-2020-11018 - freerdp: Out of bound read in updaterecv could result in a crash...

CentOS 8 : python38:3.8 (CESA-2020:4641)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4641 advisory. - PyYAML: command execution through python/object/apply constructor in FullLoader CVE-2019-20477 - python: infinite loop in the tarfile module via...

CentOS 8 : nodejs:12 (CESA-2020:5499)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5499 advisory. - nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function CVE-2020-15366 - nodejs-yargs-parser: prototype pollution...

CentOS 8 : idm:DL1 and idm:client (CESA-2020:4670)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4670 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

CentOS 8 : dbus (CESA-2020:3014)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:3014 advisory. - dbus: denial of service via file descriptor leak CVE-2020-12049 Note that Nessus has not tested for this issue but has instead relied only on the application'...

CentOS 8 : sqlite (CESA-2020:1810)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1810 advisory. - sqlite: fts3: improve shadow table corruption detection CVE-2019-13752 - sqlite: fts3: incorrectly removed corruption check CVE-2019-13753 - sqlite:...

CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:1644)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1644 advisory. - jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-14540 - jackson-databind: Serialization gadgets in...

CentOS 8 : java-1.8.0-openjdk (CESA-2020:1515)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1515 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner Scripting, 8223898 CVE-2020-2754 - OpenJDK: Incorrect handling of empty...

CentOS 8 : dotnet3.1 (CESA-2021:0095)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0095 advisory. - dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 CVE-2021-1723 Note that Nessus has not tested for this issue but has...

CentOS 8 : python27:2.7 (CESA-2020:1605)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1605 advisory. - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-18074 - python-urllib3: Cross-host redirect does not remov...

CentOS 8 : thunderbird (CESA-2020:0577)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0577 advisory. - Mozilla: Message ID calculation was based on uninitialized data CVE-2020-6792 - Mozilla: Out-of-bounds read when processing certain email messages...

CentOS 8 : subversion:1.10 (CESA-2020:4712)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4712 advisory. - subversion: remotely triggerable DoS vulnerability in svnserve 'get-deleted-rev' CVE-2018-11782 Note that Nessus has not tested for this issue but has instead...

CentOS 8 : e2fsprogs (CESA-2020:1913)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1913 advisory. - e2fsprogs: Crafted ext4 partition leads to out-of-bounds write CVE-2019-5094 Note that Nessus has not tested for this issue but has instead relied only on the...

CentOS 8 : firefox (CESA-2020:3557)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3557 advisory. - Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer CVE-2020-12422 - Mozilla: WebRTC permission prompt could have been bypassed by a...

CentOS 8 : python-pip (CESA-2020:4432)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4432 advisory. - python-pip: directory traversal in downloadhttpurl function in src/pip/internal/download.py CVE-2019-20916 Note that Nessus has not tested for this issue but...

CentOS 8 : pcre2 (CESA-2020:4539)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4539 advisory. - pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode CVE-2019-20454 Note that Nessus has not tested for this issue but has instead relied only...