Lucene search
+L

70 matches found

CBLMariner
CBLMariner
added 2025/03/25 3:8 p.m.11 views

CVE-2023-31147 affecting package grpc for versions less than 1.42.0-10

CVE-2023-31147 affecting package grpc for versions less than 1.42.0-10. A patched version of the package is available...

6.5CVSS7.3AI score0.00905EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/25 12:0 a.m.7 views

Azure Linux 3.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31147)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31147 advisory. - c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom a...

6.5CVSS6.8AI score0.00905EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-31147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query id...

6.5CVSS6.7AI score0.00905EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/03 12:0 a.m.22 views

Amazon Linux 2 : c-ares (ALAS-2024-2646)

The version of c-ares installed on the remote host is prior to 1.19.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2646 advisory. Insufficient randomness in generation of DNS query IDs When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to...

6.5CVSS6.9AI score0.00905EPSS
Exploits0References4
Amazon
Amazon
added 2024/10/02 12:0 a.m.20 views

Medium: c-ares

Issue Overview: Insufficient randomness in generation of DNS query IDs When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from th...

6.5CVSS7.2AI score0.00905EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.12 views

Photon OS 5.0: Python3 PHSA-2023-5.0-0084

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0084. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS7AI score0.01577EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.28 views

CBL Mariner 2.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31147)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31147 advisory. - c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom a...

6.5CVSS6.8AI score0.00905EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/04/17 10:2 p.m.23 views

CVE-2023-31147 affecting package grpc for versions less than 1.62.0-2

CVE-2023-31147 affecting package grpc for versions less than 1.62.0-2. An upgraded version of the package is available that resolves this issue...

6.5CVSS7.4AI score0.00905EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/03/14 10:34 p.m.14 views

CVE-2023-31147 affecting package python-gevent for versions less than 21.1.2-3

CVE-2023-31147 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

6.5CVSS7.3AI score0.00905EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.37 views

CentOS 9 : nodejs-16.20.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.20.1-1.el9 build changelog. - The use of proto in process.mainModule.proto.require can bypass the policy mechanism and require modules outside of the policy.json...

7.5CVSS6.7AI score0.03906EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.21 views

EulerOS Virtualization 3.0.6.0 : c-ares (EulerOS-SA-2023-3421)

According to the versions of the c-ares packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE wil...

7.5CVSS6.4AI score0.01577EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.34 views

EulerOS 2.0 SP11 : c-ares (EulerOS-SA-2023-2828)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as...

6.5CVSS6.2AI score0.00936EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.33 views

EulerOS Virtualization 2.11.0 : c-ares (EulerOS-SA-2023-3066)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

6.5CVSS6.2AI score0.00936EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.24 views

EulerOS Virtualization 2.9.0 : c-ares (EulerOS-SA-2023-2977)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

7.5CVSS6.4AI score0.01577EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.31 views

EulerOS Virtualization 2.11.1 : c-ares (EulerOS-SA-2023-3049)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

6.5CVSS6.2AI score0.00936EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.22 views

EulerOS 2.0 SP8 : c-ares (EulerOS-SA-2023-3115)

According to the versions of the c-ares packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, a...

7.5CVSS6.4AI score0.01577EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.25 views

EulerOS Virtualization 2.10.0 : c-ares (EulerOS-SA-2023-2932)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

6.5CVSS6.4AI score0.00936EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.39 views

EulerOS Virtualization 2.10.1 : c-ares (EulerOS-SA-2023-2913)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

6.5CVSS6.4AI score0.00936EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.26 views

EulerOS 2.0 SP10 : c-ares (EulerOS-SA-2023-2780)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as...

6.5CVSS6.4AI score0.00936EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/11/09 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3115)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.01577EPSS
Exploits0References2
Rows per page
Query Builder