33 matches found
go-toolset:rhel8 security, bug fix, and enhancement update
An update is available for delve, module.delve, module.golang, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming...
RLSA-2026:37435 Important: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 os: golang: Go os.Root: Symlink following vulnerability allows directory traversal...
SUSE-SU-2026:2832-1 Security update for rustup
This update for rustup fixes the following issues Security issues: - CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. - CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. - CVE-2026-41676: openssl: Deriver:derive and...
RLSA-2026:35828 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 For more details about the security issue...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.4 packages and security update
Red Hat OpenShift Container Platform release 4.22.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a...
RLSA-2026:30855 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycod...
git-lfs security update
An update is available for git-lfs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...
RHEL 10 : git-lfs (RHSA-2026:30855)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:30855 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycod...
SUSE-SU-2026:22442-1 Security update for google-guest-agent
This update for google-guest-agent fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260264. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allo...
0lever-utils (>=0.0.2 <=0.0.7), 2keys (=0.5.1) +5826 more potentially affected by CVE-2026-45409 via idna (>=2.0.0 <=3.14.0)
idna PYPI version =2.0.0, =0.0.2, =0.0.1a0, =0.0.2, =0.0.6, =0.1.0, =0.1.3, =0.0.3, =19.11.0, =0.2.0rc1, =1.1.0rc1 and more Source cves: CVE-2026-45409 Source advisory: OSV:GHSA-65PC-FJ4G-8RJX...
a-mailx (=0.1.0), aaaai (>=0.1.3 <=0.3.0) +1028 more potentially affected by CVE-2024-3651 +1 more via idna (>=3.10.0 <=3.14.0)
idna PYPI version =3.10.0, =0.1.3, =4.8.2, =0.1.3, =0.1.0, =0.3.4, =0.4.0, =0.0.6, =0.1.0, =0.1.31, =0.1.0, =0.4.0, =0.1.0, =1.0.0, =1.0.3 and more Source cves: CVE-2024-3651, CVE-2026-45409 Source advisory: SNYK:PYTHON-IDNA-16769942...
EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2026-1194)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests...
MiracleLinux 8 : python-idna-2.5-7.el8_10 (AXSA:2024-8515:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8515:02 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description...
SUSE-SU-2025:3784-1 Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: - CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
doge_dns (>=0.2.4-beta <=1.0.2), rev-up-your-harley (>=0.1.0 <=1.0.1) +3 more potentially affected by unknown CVE via unic-idna (>=0.5.0 <=0.9.0)
unic-idna CARGO version =0.5.0, =0.2.4-beta, =0.1.0, =0.1.0, =0.5.0, =0.7.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0085...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to undefined behavior or potential crash due to out-of-bounds access bsc1248006 CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...
SUSE SLES15 / openSUSE 15 Security Update : snpguest (SUSE-SU-2025:03445-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03445-1 advisory. - CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect...
Security update for snpguest
This update for snpguest fixes the following issues: CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect hostname comparisons and incorrect URL parsing bsc1243869. CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch...