Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-2300)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2022-2329)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properl...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-2329)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2022 : openssl, openssl-devel, openssl-libs (ALAS2022-2022-123)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-123 advisory. A flaw was found in OpenSSL. The issue in CVE-2022-1292 did not find other places in the crehash script where it possibly passed the file names of certificates being hashed to a command executed through...

Ubuntu: Security Advisory (USN-162-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-2228)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : sssd (SUSE-SU-2022:2763-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2763-1 advisory. - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and...

SUSE: Security Advisory (SUSE-SU-2022:2763-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for sssd (SUSE-SU-2022:2763-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Linux 2 : openssl (ALAS-2022-1831)

The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1831 advisory. A flaw was found in OpenSSL. The issue in CVE-2022-1292 did not find other places in the crehash script where it possibly passed...

CLSA-2022-1658347450 Fixed CVE-2015-20170 in python2-4.module_el8.4.0+2071+0b56c8de.tuxcare.els3

CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...

SUSE SLES15 Security Update : python3 (SUSE-SU-2022:2351-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2351-1 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system...

SUSE SLES15 Security Update : openssl (SUSE-SU-2022:2309-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2309-1 advisory. - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script do...

SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2022:2321-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2321-1 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by so...

SUSE SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2022:2197-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2197-1 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by so...

Slackware Linux 14.2 openssl Multiple Vulnerabilities (SSA:2022-179-03)

The version of openssl installed on the remote host is prior to 1.0.2u. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-179-03 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distribut...

SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2022:2182-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2182-1 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by so...

SUSE SLES12 Security Update : openssl (SUSE-SU-2022:2180-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2180-1 advisory. - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not...

SUSE SLES15 Security Update : openssl (SUSE-SU-2022:2179-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2179-1 advisory. - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not...

FreeBSD : OpenSSL -- Command injection vulnerability (4eeb93bf-f204-11ec-8fbd-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4eeb93bf-f204-11ec-8fbd-d4c9ef517024 advisory. - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances...