84 matches found
Huawei EulerOS: Security Advisory for grilo (EulerOS-SA-2022-1535)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : grilo (EulerOS-SA-2022-1567)
According to the versions of the grilo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users...
EulerOS 2.0 SP5 : grilo (EulerOS-SA-2022-1535)
According to the versions of the grilo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users...
AlmaLinux 8 : grilo (ALSA-2021:4339)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4339 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to...
Mageia: Security Advisory (MGASA-2021-0472)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : grilo (ELSA-2021-4339)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4339 advisory. 0.3.6-3 + grilo-0.3.6-3 - Fix TLS not being validated correctly - Resolves: rhbz1997234 Tenable has extracted the preceding description block directly from the...
Man-in-the-Middle (MitM)
grilo is vulnerable to man-in-the-middle attack. The grl-net-wc.c does not enable the TLS certificate verification on the SoupSessionAsync when it's creating. allowing an attacker to cause an MITM attack...
CentOS 8 : grilo (CESA-2021:4339)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4339 advisory. - grilo: missing TLS certificate verification CVE-2021-39365 Note that Nessus has not tested for this issue but has instead relied only on the application's...
RHEL 8 : grilo (RHSA-2021:4339)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4339 advisory. Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core...
Moderate: Red Hat Security Advisory: grilo security update
An update for grilo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
grilo: missing TLS certificate verification
In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
RLSA-2021:4339 Moderate: grilo security update
Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fixes: grilo: missing TLS certificate verification CVE-2021-39365 For more details about the security issues, includin...
ALSA-2021:4339 Moderate: grilo security update
Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fixes: grilo: missing TLS certificate verification CVE-2021-39365 For more details about the security issues, includin...
grilo security update
An update is available for grilo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grilo is a framework that provides access to different sources of multimedia...
Moderate: grilo security update
Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fixes: grilo: missing TLS certificate verification CVE-2021-39365 For more details about the security issues, includin...
MGASA-2021-0472 Updated grilo packages fix security vulnerability
Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created by Grilo, leaving users vulnerable to network MITM attacks...
Updated grilo packages fix security vulnerability
Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created by Grilo, leaving users vulnerable to network MITM attacks...
SUSE: Security Advisory (SUSE-SU-2021:3295-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: grilo-devel / libgrilo-0_3-0 / libgrlnet-0_3-0 / libgrlpls-0_3-0 / etc (SUSE-SU-2021:3295-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3295-1 advisory. - CVE-2021-39365: Fixed missing TLS certificate verification bsc1189839. Tenable has extracted the preceding description block directly from...
SUSE-SU-2021:3295-1 Security update for grilo
This update for grilo fixes the following issues: - CVE-2021-39365: Fixed missing TLS certificate verification bsc1189839...