Oracle Linux 8 : fence-agents (ELSA-2024-0133)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0133 advisory. - bundled urllib3: fix CVE-2023-43804 Resolves: RHEL-11988 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Oracle Linux 8 : gnutls (ELSA-2024-0155)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0155 advisory. 3.6.16-8 - timing side-channel in the RSA-PSK authentication CVE-2023-5981 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : .NET / 6.0 (ELSA-2024-0156)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0156 advisory. 6.0.126-1.0.1 - Add support for Oracle Linux 6.0.126-1 - Update to .NET SDK 6.0.126 and Runtime 6.0.26 6.0.125-1 - Update to .NET SDK 6.0.125 and Runti...

Oracle Linux 8 : tomcat (ELSA-2024-0125)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0125 advisory. - Open Redirect vulnerability in FORM authentication CVE-2023-41080 - FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794 ...

Oracle Linux 8 : pixman (ELSA-2024-0131)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0131 advisory. 0.38.4-3 - Security fix for CVE-2022-44638 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : kernel (ELSA-2024-12069)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12069 advisory. - scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2162 - afunix: Fix null-ptr-deref in unixstreamsendpage CVE-2023-46...

Oracle Linux 9 : ipa (ELSA-2024-0141)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0141 advisory. 4.10.2-5.0.1 - Resolves: 2242828 Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : squid (ELSA-2024-0071)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0071 advisory. - squid: Denial of Service in SSL Certificate validation CVE-2023-46724 - squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 -...

Oracle Linux 8 : libxml2 (ELSA-2024-0119)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0119 advisory. - Fix CVE-2023-39615 RHEL-5179 - Fix CVE-2023-28484 2186692 Tenable has extracted the preceding description block directly from the Oracle Linux security...

python3 security update

3.6.8-56.0.1.2 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-56.2 - Security fix for CVE-2022-48560 Resolves: rhbz2249755 - Security fix for CVE-2022-48564 Resolves: rhbz2249750...

Oracle Linux 7 : ipa (ELSA-2024-0145)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0145 advisory. 4.6.8-5.0.1 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el79.16 - Resolves: RHEL-12570 ipa: Invalid CS...

Oracle Linux 8 : python3 (ELSA-2024-0114)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0114 advisory. - Security fix for CVE-2022-48560 Resolves: rhbz2249755 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : python-urllib3 (ELSA-2024-0116)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0116 advisory. - Security fix for CVE-2023-45803 Resolves: rhbz2246840 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : squid:4 (ELSA-2024-0046)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0046 advisory. - Fix squid: Denial of Service in SSL Certificate validation CVE-2023-46724 - Fix squid: NULL pointer dereference in the gopher protocol code...

Oracle Linux 8 : tigervnc (ELSA-2024-0018)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0018 advisory. - xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 - xorg-x11-server: Use-after-free bug in...

Oracle Linux 9 : firefox (ELSA-2024-0025)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0025 advisory. 115.6.0-1.0.1 - Udate to 115.6.0 build1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Tenable has extracted the...

Oracle Linux 9 : tigervnc (ELSA-2024-0010)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0010 advisory. - xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 - xorg-x11-server: out-of-bounds memory...

Oracle Linux 8 : thunderbird (ELSA-2024-0003)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0003 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.6.0-1 - Update to 115.6.0 build2 Tenable has...

Oracle Linux 8 : firefox (ELSA-2024-0012)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0012 advisory. 115.6.0-1.0.1 - Update to 115.6.0 build1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Tenable has extracted the...

Oracle Linux 9 : thunderbird (ELSA-2024-0001)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0001 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Update to 115.6.0 build2 Tenable has extracted...