205 matches found
CLSA-2026-1778109988 toolbox: Fix of 9 CVEs
Rebuild with golang = 1.22.5 to fix CVE-2022-1705, CVE-2022-41717, CVE-2023-29406, CVE-2023-39318, CVE-2023-39319, CVE-2023-39326, CVE-2023-45290, CVE-2024-24785, CVE-2024-24791...
RHCOS 4 : OpenShift Container Platform 4.13.0 (RHSA-2023:1329)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1329 advisory. - golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 - golang: crypto/tls: large...
MiracleLinux 8 : cockpit-composer-45-1.el8, osbuild-composer-75-1.el8.ML.1, osbuild-81-1.el8.ML.1, weldr-client-35.9-2.el8 (AXSA:2023-6087:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6087:04 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...
MiracleLinux 9 : podman-4.4.1-3.el9 (AXSA:2023-5638:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5638:04 advisory. golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 golang: crypto/tls: session tickets lack random...
TencentOS Server 3: git-lfs (TSSA-2023:0145)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0145 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0071: git-lfs (ALINUX3-SA-2023:0071)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0071 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2880: Requests forwarded by...
CVE-2022-41717 vulnerabilities
Vulnerabilities for packages: kubeflow, terraform-provider-sendgrid...
CVE-2022-41717 vulnerabilities
Vulnerabilities for packages: terraform-provider-sendgrid, kubeflow, kubeflow-fips, terraform-provider-sendgrid-fips...
Linux Distros Unpatched Vulnerability : CVE-2022-41717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by th...
Azure Linux 3.0 Security Update: azcopy / containerized-data-importer / cri-o / golang / moby-engine / prometheus / sriov-network-device-plugin (CVE-2022-41717)
The version of azcopy / containerized-data-importer / cri-o / golang / moby-engine / prometheus / sriov-network-device- plugin installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41717 advisory. - An...
CVE-2022-41717 affecting package golang for versions less than 1.21.6-1
CVE-2022-41717 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...
CVE-2022-41717 affecting package golang for versions less than 1.21.6-1
CVE-2022-41717 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...
CVE-2022-41717 affecting package prometheus for versions less than 2.37.9-1
CVE-2022-41717 affecting package prometheus for versions less than 2.37.9-1. An upgraded version of the package is available that resolves this issue...
GLSA-202409-28 : HashiCorp Consul: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-28 HashiCorp Consul: Multiple Vulnerabilities Multiple vulnerabilities have been found in HashiCorp Consul. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description blo...
Fedora: Security Advisory (FEDORA-2023-654e0ddfd8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2023-9ca66e00a2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2023-a1b28cf117)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2023-4c1050f439)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-41717 affecting package containerized-data-importer for versions less than 1.55.0-20
CVE-2022-41717 affecting package containerized-data-importer for versions less than 1.55.0-20. A patched version of the package is available...
Security Bulletin: Vulnerabilities in Golang Go affect watsonx.data
Summary Golang Go has multiple vulnerabilities that include HTTP request smuggling, remote attacks to obtain sensitive information, denial of service, and unspecified errors with return an incorrect results. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-1705 DESCRIPTION:...