Oracle Linux 8 : dotnet (ELSA-2021-0474)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0474 advisory. 2.1.521-1 - Update to .NET Core SDK 2.1.521 and Runtime 2.1.25 - Resolves: RHBZ1922272 Tenable has extracted the preceding description block directly from the...

dotnet: certificate chain building recursion Denial of Service

A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...

dotnet: certificate chain building recursion Denial of Service

A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...

dotnet: certificate chain building recursion Denial of Service

A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...

dotnet: certificate chain building recursion Denial of Service

A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...

dotnet: certificate chain building recursion Denial of Service

A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...

OESA-2021-1034 djvulibre security update

DjVu is a set of compression technologies, a file format, and a software platform for the deliveryover the Web of digital documents, scanned documents, and high resolution images.DjVu documents download and display extremely quickly, and look exactly the same on all platforms with no compatibilit...

OESA-2021-1026 krb5 security update

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.\r\n\r\n Security Fixes:\r\n\r\n MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an...

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2021-1267)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2021-1248)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1149)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : krb5 (EulerOS-SA-2021-1149)

According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the...

CentOS 8 : libarchive (CESA-2019:3698)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3698 advisory. - libarchive: Out-of-bounds read in lhareaddatanone CVE-2017-14503 - libarchive: Double free in RAR decoder resulting in a denial of service...

EulerOS 2.0 SP3 : curl (EulerOS-SA-2021-1063)

According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.CVE-2020-8285...

EulerOS 2.0 SP3 : krb5 (EulerOS-SA-2021-1080)

According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the...

EulerOS 2.0 SP3 : libproxy (EulerOS-SA-2021-1087)

According to the versions of the libproxy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered...

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2021-1064)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2021-0022 Updated krb5 packages fix a security vulnerability

MIT Kerberos 5 aka krb5 before 1.17.2 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit CVE-2020-28196...

Updated krb5 packages fix a security vulnerability

MIT Kerberos 5 aka krb5 before 1.17.2 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit CVE-2020-28196...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1029)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...