MiracleLinux 8 : nodejs:18 (AXSA:2023-6227:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6227:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-49...

MiracleLinux 9 : c-ares-1.19.1-1.el9 (AXSA:2023-6745:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6745:04 advisory. c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-4904 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-311...

SUSE-SU-2025:1186-1 Security update for expat

This update for expat fixes the following issues: - CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion bsc1239618 Other fixes: - version update to 2.7.1 jscPED-12500 Bug fixes: 980 989 Restore event pointer behavi...

openSUSE: Security Advisory for wdiff (openSUSE-SU-2022:10031-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 9 : c-ares-1.19.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the c-ares-1.19.1-1.el9 build changelog. - AutoTools does not set CARESRANDOMFILE during cross compilation rhel-9 CVE-2023-31124 - Buffer Underwrite in aresinetnetpton rhel-9...

Amazon Linux 2 : c-ares (ALAS-2024-2429)

The version of c-ares installed on the remote host is prior to 1.10.0-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2429 advisory. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling...

Low: c-ares

Issue Overview: When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a...

Low: c-ares

Issue Overview: When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a...

EulerOS Virtualization 2.11.1 : c-ares (EulerOS-SA-2023-3049)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

EulerOS 2.0 SP11 : c-ares (EulerOS-SA-2023-2828)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as...

c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand, which could allow an attacker to utilize the lack of entropy by no...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2828)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

nodejs:16 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 8 : nodejs:16 (RHSA-2023:4034)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4034 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

RHEL 9 : nodejs (RHSA-2023:4036)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4036 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

RHEL 8 : nodejs:18 (RHSA-2023:4035)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4035 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand, which could allow an attacker to utilize the lack of entropy by no...

c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand, which could allow an attacker to utilize the lack of entropy by no...

c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand, which could allow an attacker to utilize the lack of entropy by no...

c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand, which could allow an attacker to utilize the lack of entropy by no...