Amazon Linux 2 : go-rpm-macros (ALAS-2022-1863)

The version of go-rpm-macros installed on the remote host is prior to 3.0.15-23. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1863 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this...

Amazon Linux 2 : golang-github-syndtr-gocapability (ALAS-2022-1865)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1865 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

Important: golang-github-gorilla-mux

Issue Overview: 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling,...

Amazon Linux 2 : golang-github-gorilla-mux (ALAS-2022-1860)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1860 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

SUSE-SU-2022:3661-1 Security update for php8

This update for php8 fixes the following issues: - php8 was updated to version 8.0.24 - php8 was updated to version 8.0.23 jscSLE-23639. - CVE-2021-21703: Fixed a local privilege escalation via PHP-FPM. bsc1192050 - CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor while...

EulerOS Virtualization 3.0.6.0 : vim (EulerOS-SA-2022-2594)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Out-of-bounds Read CVE-2021-4166, CVE-2021-4193 - vim is vulnerable to Use After Free CVE-2021-4192 - vim is...

EulerOS Virtualization 2.9.0 : vim (EulerOS-SA-2022-2405)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. CVE-2022-0696 - Use after free in utfptr2char in GitHub...

CVE-2022-3222

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV...

DEBIAN-CVE-2022-3222

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV...

Information disclosure

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV...

CVE-2022-3222

GPAC (gpac/gpac) vulnerability CVE-2022-3222 affects versions prior to 2.1.0-DEV due to an Uncontrolled Recursion issue. The CVSS data indicates high impact on availability (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). No exploitation details are provided in the sources. Remediation is to upgrade gpac p...

CVE-2022-3222

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV...

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-2336)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software,...

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-2307)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software,...

Amazon Linux 2022 : wireshark-cli, wireshark-devel (ALAS2022-2022-079)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-079 advisory. A NULL pointer exception flaw was found in Wireshark. A process failure on crafted or malformed input in the IPPUSB dissector can cause a denial of service via a packet injection or a crafted...

SUSE-SU-2022:2909-1 Security update for libcroco

This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed an uncontrolled recursion issue bsc1171685...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2237)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2250)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software,...

EulerOS 2.0 SP8 : vim (EulerOS-SA-2022-2237)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Heap buffer overflow in vimstrncpy findword in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software,...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2263)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software,...