Azure Linux 3.0 Security Update: httpd (CVE-2024-40898)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40898 advisory. - SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTM...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust (CVE-2024-9681)

The version of cmake / curl / mysql / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9681 advisory. - When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent...

Azure Linux 3.0 Security Update: cri-tools / docker-buildx / kubernetes / opa / prometheus (CVE-2023-45142)

The version of cri-tools / docker-buildx / kubernetes / opa / prometheus installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45142 advisory. - OpenTelemetry-Go Contrib is a collection of third-party...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42269)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42269 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential...

Azure Linux 3.0 Security Update: hyperv-daemons / kernel (CVE-2024-36008)

The version of hyperv-daemons / kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36008 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL id...

Ubuntu 16.04 LTS : GNU C Library vulnerability (USN-7259-2)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7259-2 advisory. USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 16.04 LTS. Tenable has extracted the preceding...

Azure Linux 3.0 Security Update: nodejs / nodejs18 / python-jinja2 (CVE-2024-34064)

The version of nodejs / nodejs18 / python-jinja2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-34064 advisory. - Jinja is an extensible templating engine. The xmlattr filter in affected versions...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49895)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49895 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds...

Azure Linux 3.0 Security Update: containerized-data-importer / cri-o / ig / libcontainers-common / skopeo (CVE-2024-3727)

The version of containerized-data-importer / cri-o / ig / libcontainers-common / skopeo installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3727 advisory. - A flaw was found in the...

Azure Linux 3.0 Security Update: azcopy / blobfuse2 / cert-manager / cf-cli (CVE-2024-24786)

The version of azcopy / blobfuse2 / cert-manager / cf-cli installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24786 advisory. - The protojson.Unmarshal function can enter an infinite loop when...

Azure Linux 3.0 Security Update: kernel (CVE-2024-35982)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35982 advisory. - In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying t...

Azure Linux 3.0 Security Update: cert-manager / influxdb / keda / libcontainers-common / packer (CVE-2024-6104)

The version of cert-manager / influxdb / keda / libcontainers-common / packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6104 advisory. - go-retryablehttp prior to 0.7.7 did not sanitize urls...

Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cert-manager / cf-cli / cni / cni-plugins (CVE-2024-45338)

The version of application-gateway-kubernetes-ingress / cert-manager / cf-cli / cni / cni-plugins installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45338 advisory. - An attacker can craft an input t...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26984)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26984 advisory. - In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race...

Azure Linux 3.0 Security Update: kernel (CVE-2024-45018)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45018 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49981)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49981 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free bug in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-35990)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35990 advisory. - In the Linux kernel, the following vulnerability has been resolved: dma: xilinxdpdma: Fix locking There are...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49959)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49959 advisory. - In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when...

Azure Linux 3.0 Security Update: python-twisted (CVE-2024-41810)

The version of python-twisted installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41810 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. The...

Azure Linux 3.0 Security Update: kernel (CVE-2024-44974)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44974 advisory. - In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: avoid possible UaF when...