SUSE-SU-2023:0431-1 Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: - CVE-2023-24021: Fixed FILESTMPCONTENT missing complete content bsc1207379...

SUSE CVE-2010-1325

Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...

SUSE CVE-2021-41186

Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parserapache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service ReDoS vulnerability. A broken apache log with a certain pattern of string ca...

SUSE SLES15 Security Update : apache2-mod_security2 (SUSE-SU-2023:0317-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0317-1 advisory. - In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application...

SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_security2 (SUSE-SU-2023:0314-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0314-1 advisory. - In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web...

SUSE SLES15 Security Update : apache2 (SUSE-SU-2023:0321-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0321-1 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2023:0322-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0322-1 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte...

SUSE SLES12 Security Update : apache2-mod_security2 (SUSE-SU-2023:0318-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0318-1 advisory. - In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application...

SUSE: Security Advisory (SUSE-SU-2023:0314-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0317-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0322-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0321-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:0322-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in modproxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body bsc1207251. - CVE-2022-36760: Fixed an issue in...

SUSE-SU-2023:0321-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in modproxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body bsc1207251. - CVE-2022-36760: Fixed an issue in...

SUSE-SU-2023:0318-1 Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests bsc1207378...

SUSE-SU-2023:0317-1 Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests bsc1207378...

SUSE-SU-2023:0314-1 Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests bsc1207378...

SUSE SLES15 Security Update : apache2 (SUSE-SU-2023:0294-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0294-1 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location...

SUSE: Security Advisory (SUSE-SU-2023:0294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...