1272 matches found
Amazon Linux AMI : ImageMagick (ALAS-2023-1856)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.30. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1856 advisory. A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c. CVE-2023-5341 Tenable has...
Amazon Linux AMI : ghostscript (ALAS-2023-1867)
The version of ghostscript installed on the remote host is prior to 8.70-24.33. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1867 advisory. A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote...
Amazon Linux AMI : amazon-ssm-agent (ALAS-2023-1866)
The version of amazon-ssm-agent installed on the remote host is prior to 3.2.1705.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1866 advisory. 2023-10-30: CVE-2023-24540 was added to this advisory. The x/crypto/ssh package before...
Amazon Linux AMI : cups (ALAS-2023-1857)
The version of cups installed on the remote host is prior to 1.4.2-67.25. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1857 advisory. A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an...
Amazon Linux AMI : cacti (ALAS-2023-1862)
The version of cacti installed on the remote host is prior to 1.1.19-5.23. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1862 advisory. Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions,...
Amazon Linux AMI : golang (ALAS-2023-1871)
The version of golang installed on the remote host is prior to 1.20.10-1.48. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1871 advisory. Line directives //line can be used to bypass the restrictions on //go:cgo directives, allowing blocked linker and...
Amazon Linux AMI : tomcat8 (ALAS-2023-1868)
The version of tomcat8 installed on the remote host is prior to 8.5.94-1.95. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1868 advisory. Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from...
Amazon Linux AMI : nghttp2 (ALAS-2023-1869)
The version of nghttp2 installed on the remote host is prior to 1.33.0-1.1.8. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1869 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...
Amazon Linux AMI : nginx (ALAS-2023-1870)
The version of nginx installed on the remote host is prior to 1.18.0-1.45. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1870 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...
Amazon Linux AMI : ghostscript (ALAS-2023-1854)
The version of ghostscript installed on the remote host is prior to 8.70-24.31. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1854 advisory. A buffer overflow vulnerability in pcxwriterle in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a...
Amazon Linux AMI : libxml2 (ALAS-2023-1841)
The version of libxml2 installed on the remote host is prior to 2.9.1-6.6.43. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1841 advisory. Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at...
Amazon Linux AMI : vim (ALAS-2023-1837)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1837 advisory. Use After Free in GitHub repository vim/vim prior to 9.0.1840. CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4750 Use After Free in GitHub repository vim/vi...
Amazon Linux AMI : cacti (ALAS-2023-1842)
The version of cacti installed on the remote host is prior to 1.1.19-4.22. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1842 advisory. Cacti is an open source operational monitoring and fault management framework. A defect in the sqlsave function was discovered. Wh...
Amazon Linux AMI : gsl (ALAS-2023-1851)
The version of gsl installed on the remote host is prior to 1.13-4.4. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1851 advisory. A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2....
Amazon Linux AMI : ImageMagick (ALAS-2023-1844)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.29. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1844 advisory. A vulnerability was found in ImageMagick. This issue occurs as an undefined behavior, casting double to sizet in svg, mvg...
Amazon Linux AMI : libtiff (ALAS-2023-1839)
The version of libtiff installed on the remote host is prior to 4.0.3-35.49. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1839 advisory. Multiple potential integer overflow in raw2tiff.c in libtiff = 4.5.1 can allow remote attackers to cause a denial of service...
Amazon Linux AMI : mutt (ALAS-2023-1836)
The version of mutt installed on the remote host is prior to 1.5.20-7.20091214hg736b6a.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1836 advisory. Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 1.5.2 2.2.12 CVE-2023-4875...
Amazon Linux AMI : ghostscript (ALAS-2023-1853)
The version of ghostscript installed on the remote host is prior to 8.70-24.32. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1853 advisory. A divide by zero issue discovered in epsprintpage in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers ...
Amazon Linux AMI : poppler (ALAS-2023-1852)
The version of poppler installed on the remote host is prior to 0.26.5-43.27. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1852 advisory. Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via craft...
Amazon Linux AMI : poppler (ALAS-2023-1850)
The version of poppler installed on the remote host is prior to 0.26.5-43.26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1850 advisory. An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service D...