CBL Mariner 2.0 Security Update: unixODBC (CVE-2024-1013)

The version of unixODBC installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1013 advisory. - An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 byte...

CBL Mariner 2.0 Security Update: patch (CVE-2019-13636)

The version of patch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-13636 advisory. - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files...

CBL Mariner 2.0 Security Update: patch (CVE-2018-1000156)

The version of patch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-1000156 advisory. - GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specificall...

AlmaLinux 8 : python-jinja2 (ALSA-2024:4231)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4231 advisory. jinja2: accepts keys containing non-attribute characters CVE-2024-34064 Tenable has extracted the preceding description block directly from the AlmaLinux security...

CBL Mariner 2.0 Security Update: edk2 / hvloader (CVE-2023-45230)

The version of edk2 / hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45230 advisory. - EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID optio...

CBL Mariner 2.0 Security Update: ceph (CVE-2023-43040)

The version of ceph installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43040 advisory. - IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for...

CBL Mariner 2.0 Security Update: libdb (CVE-2017-3608)

The version of libdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-3608 advisory. - Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Pri...

CBL Mariner 2.0 Security Update: graphviz (CVE-2020-18032)

The version of graphviz installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-18032 advisory. - Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote...

CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl (CVE-2022-4304)

The version of cloud-hypervisor / edk2 / hvloader / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4304 advisory. - A timing based side channel exists in the OpenSSL RSA Decryption...

CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26581)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26581 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip en...

CBL Mariner 2.0 Security Update: git (CVE-2024-32021)

The version of git installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32021 advisory. - Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4,...

CBL Mariner 2.0 Security Update: cert-manager / containerized-data-importer / cri-o / dcos-cli / keda / kubernetes (CVE-2024-28180)

The version of cert-manager / containerized-data-importer / cri-o / dcos-cli / keda / kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28180 advisory. - Package jose aims to provide an...

AlmaLinux 8 : c-ares (ALSA-2024:4249)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4249 advisory. c-ares: Out of bounds read in aresreadline CVE-2024-25629 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 8 : python3 (ALSA-2024:4243)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4243 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 Tenable has extracted the preceding description block directly fro...

CBL Mariner 2.0 Security Update: kernel (CVE-2018-20169)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-20169 advisory. - An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during t...

CBL Mariner 2.0 Security Update: kubernetes (CVE-2023-5528)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5528 advisory. - A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on...

AlmaLinux 8 : container-tools (ALSA-2024:4246)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4246 advisory. golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-24786...

CBL Mariner 2.0 Security Update: python-requests / tensorflow (CVE-2024-35195)

The version of python-requests / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35195 advisory. - Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests...

CBL Mariner 2.0 Security Update: libdb (CVE-2017-3614)

The version of libdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-3614 advisory. - Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Pri...

CBL Mariner 2.0 Security Update: grub2 (CVE-2021-3696)

The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3696 advisory. - A heap out-of-bounds write May heppen during the handling of Huffman tables in the PNG reader. This may lead t...