SUSE: Security Advisory (SUSE-SU-2024:3098-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.26 (SUSE-SU-2024:3094-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3094-1 advisory. Update kubernetes to version 1.26.15: - CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf...

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.27 (SUSE-SU-2024:3098-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3098-1 advisory. Update kubernetes to version 1.27.16 - CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf...

SUSE-SU-2024:3098-1 Security update for kubernetes1.27

This update for kubernetes1.27 fixes the following issues: Update kubernetes to version 1.27.16 - CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf bsc1229867 - CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. Thi...

SUSE-SU-2024:3097-1 Security update for kubernetes1.28

This update for kubernetes1.28 fixes the following issues: Update kubernetes to version 1.28.13: - CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf bsc1229867 - CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. Th...

SUSE-SU-2024:3094-1 Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues: Update kubernetes to version 1.26.15: - CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf bsc1229867 - CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. Th...

EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2024-2302)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the...

EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2024-2322)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the...

EulerOS Virtualization 2.12.0 : mod_http2 (EulerOS-SA-2024-2331)

According to the versions of the modhttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...

EulerOS Virtualization 2.12.0 : httpd (EulerOS-SA-2024-2327)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2307)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.1 : httpd (EulerOS-SA-2024-2307)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into...

Atlassian Confluence < 7.19.26 / 7.20.x < 8.5.14 / 8.6.x < 8.9.5 / 9.0.1 (CONFSERVER-97657)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-97657 advisory. - Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream,...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2322)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.0 : nghttp2 (EulerOS-SA-2024-2332)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2302)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.1 : nghttp2 (EulerOS-SA-2024-2312)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps...

EulerOS Virtualization 2.12.1 : mod_http2 (EulerOS-SA-2024-2311)

According to the versions of the modhttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2024-2311)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Suricata 6.x < 6.0.19 / 7.x < 7.0.5 Multiple Vulnerabilities

The version of OISF Suricata installed on the remote host is prior to 6.0.19 or 7.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities: - In affected versions, specially crafted traffic or datasets can cause a limited buffer overflow. CVE-2024-32664 - In affected versions, a...