1272 matches found
Amazon Linux AMI : ImageMagick (ALAS-2023-1856)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.30. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1856 advisory. A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c. CVE-2023-5341 Tenable has...
Amazon Linux AMI : ghostscript (ALAS-2023-1867)
The version of ghostscript installed on the remote host is prior to 8.70-24.33. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1867 advisory. A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote...
Amazon Linux AMI : tomcat8 (ALAS-2023-1861)
The version of tomcat8 installed on the remote host is prior to 8.5.93-1.94. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1861 advisory. Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the...
Amazon Linux AMI : libX11 (ALAS-2023-1859)
The version of libX11 installed on the remote host is prior to 1.6.0-2.2.16. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1859 advisory. libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: integer overflow in XCreateImage leading t...
Amazon Linux AMI : apache-ivy (ALAS-2023-1863)
The version of apache-ivy installed on the remote host is prior to 2.2.0-5.2. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1863 advisory. Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software...
Amazon Linux AMI : golang (ALAS-2023-1871)
The version of golang installed on the remote host is prior to 1.20.10-1.48. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1871 advisory. Line directives //line can be used to bypass the restrictions on //go:cgo directives, allowing blocked linker and...
Amazon Linux AMI : tomcat8 (ALAS-2023-1868)
The version of tomcat8 installed on the remote host is prior to 8.5.94-1.95. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1868 advisory. Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from...
Amazon Linux AMI : nginx (ALAS-2023-1870)
The version of nginx installed on the remote host is prior to 1.18.0-1.45. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1870 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...
Amazon Linux AMI : nghttp2 (ALAS-2023-1869)
The version of nghttp2 installed on the remote host is prior to 1.33.0-1.1.8. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1869 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...
Amazon Linux AMI : gsl (ALAS-2023-1851)
The version of gsl installed on the remote host is prior to 1.13-4.4. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1851 advisory. A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2....
Amazon Linux AMI : libtiff (ALAS-2023-1846)
The version of libtiff installed on the remote host is prior to 4.0.3-35.46. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1846 advisory. A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires...
Amazon Linux AMI : bind (ALAS-2023-1845)
The version of bind installed on the remote host is prior to 9.8.2-0.68.rc1.91. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1845 advisory. The code that processes control channel messages sent to named calls certain functions recursively during packet parsing...
Amazon Linux AMI : mutt (ALAS-2023-1836)
The version of mutt installed on the remote host is prior to 1.5.20-7.20091214hg736b6a.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1836 advisory. Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 1.5.2 2.2.12 CVE-2023-4875...
Amazon Linux AMI : poppler (ALAS-2023-1850)
The version of poppler installed on the remote host is prior to 0.26.5-43.26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1850 advisory. An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service D...
Amazon Linux AMI : ghostscript (ALAS-2023-1853)
The version of ghostscript installed on the remote host is prior to 8.70-24.32. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1853 advisory. A divide by zero issue discovered in epsprintpage in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers ...
Amazon Linux AMI : poppler (ALAS-2023-1852)
The version of poppler installed on the remote host is prior to 0.26.5-43.27. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1852 advisory. Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via craft...
Amazon Linux AMI : ghostscript (ALAS-2023-1854)
The version of ghostscript installed on the remote host is prior to 8.70-24.31. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1854 advisory. A buffer overflow vulnerability in pcxwriterle in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a...
Amazon Linux AMI : libxml2 (ALAS-2023-1841)
The version of libxml2 installed on the remote host is prior to 2.9.1-6.6.43. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1841 advisory. Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at...
Amazon Linux AMI : vim (ALAS-2023-1837)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1837 advisory. Use After Free in GitHub repository vim/vim prior to 9.0.1840. CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4750 Use After Free in GitHub repository vim/vi...
Amazon Linux AMI : axis (ALAS-2023-1840)
The version of axis installed on the remote host is prior to 1.2.1-7.5.15. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1840 advisory. UNSUPPPORTED WHEN ASSIGNED UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not have been...