Oracle Linux 9 : firefox (ELSA-2024-0603)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0603 advisory. 115.7.0.1.0.1 - Update to 115.7.0 build 1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 8 : firefox (ELSA-2024-0608)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0608 advisory. 115.7.0.1.0.1 - Update to 115.7.0 build 1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 7 : firefox (ELSA-2024-0600)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0600 advisory. 115.7.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

Oracle Linux 8 : thunderbird (ELSA-2024-0609)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0609 advisory. 115.7.0-1.0.1 - Update to 115.7.0 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 8 : tomcat (ELSA-2024-0539)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0539 advisory. 1:9.0.62-27.3 - tomcat: HTTP request smuggling via malformed trailer headers CVE-2023-46589 Tenable has extracted the preceding description block directly from...

firefox security update

115.7.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.7.0-1 - Update to 115.7.0 build1...

Oracle Linux 9 : grub2 (ELSA-2024-0468)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0468 advisory. 2.06-70.0.2.2 - search command: add flag to only search root dev - Resolves: CVE-2023-4001 Tenable has extracted the preceding description block directly from t...

Oracle Linux 9 : frr (ELSA-2024-0477)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0477 advisory. 8.3.1-11.2 - Add patches for CVE-2023-47235, CVE-2023-47234, CVE-2023-38406, CVE-2023-38407 Tenable has extracted the preceding description block...

Oracle Linux 9 : kernel (ELSA-2024-12094)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12094 advisory. - nfp: fix use-after-free in areacacheget Jialiang Wang CVE-2022-3545 - drivers: net: slip: fix NPD bug in sltxtimeout Duoming Zhou CVE-2022-41858 -...

Oracle Linux 9 : php:8.1 (ELSA-2024-0387)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0387 advisory. php 8.1.27-1 - rebase to 8.1.27 RHEL-19093 8.1.14-1 - rebase to 8.1.14 8.1.8-1 - update to 8.1.8 2070040 8.1.7-2 - clean unneeded dependency on useradd...

Oracle Linux 9 : openssl (ELSA-2024-12093)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12093 advisory. - AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries CVE-2023-2975 Resolves: RHEL-5302 - Excessive time spent...

Oracle Linux 9 : python3.9 (ELSA-2024-0466)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0466 advisory. 3.9.18-1.1 - Security fix for CVE-2023-27043 Resolves: RHEL-20613 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : python-urllib3 (ELSA-2024-0464)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0464 advisory. - Security fix for CVE-2023-45803 Resolves: RHEL-16874 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : tomcat (ELSA-2024-0474)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0474 advisory. - Resolves: 2235370 CVE-2023-41080 tomcat: Open Redirect vulnerability in FORM authentication - Resolves: 2243749 CVE-2023-45648 tomcat: incorrectly...

Oracle Linux 9 : sqlite (ELSA-2024-0465)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0465 advisory. 3.34.1-7 - Fixes CVE-2023-7104 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : rpm (ELSA-2024-0463)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0463 advisory. - TOCTOU race in checks for unsafe symlinks CVE-2021-35937 - races with chown/chmod/capabilities calls during installation CVE-2021-35938 Tenable has...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2024-0265)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0265 advisory. 1:1.8.0.402.b06-0.2.0.1 - Update to shenandoah-jdk8u402-b06 GA - Update release notes for shenandoah-8u402-b06. - Add Oracle vendor bug URL Orabug:...

Oracle Linux 7 : python-pillow (ELSA-2024-0345)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0345 advisory. 2.0.0-24gitd1c6db8 - Security fix for CVE-2023-44271 Resolves: RHEL-15459 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : openssl (ELSA-2024-0310)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0310 advisory. - AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries CVE-2023-2975 Resolves: RHEL-5302 - Excessive time spent...

Oracle Linux 7 : xorg-x11-server (ELSA-2024-0320)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0320 advisory. - Fix use after free related to CVE-2024-21886 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...