17 matches found
Fedora: Security Advisory (FEDORA-2023-5f984129b2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-46129 affecting package telegraf for versions less than 1.29.4-1
CVE-2023-46129 affecting package telegraf for versions less than 1.29.4-1. An upgraded version of the package is available that resolves this issue...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.0.0 operator/operand containers
Red Hat OpenShift distributed tracing 3.0.0 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Fedora: Security Advisory for golang-github-nats-io-streaming-server (FEDORA-2023-3a895ff65c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-nats-io-nkeys (FEDORA-2023-3a895ff65c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-nats-io-jwt-2 (FEDORA-2023-3a895ff65c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-nats-io-nkeys (FEDORA-2023-66966ae3d0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-nats-io (FEDORA-2023-66966ae3d0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for nats-server (FEDORA-2023-66966ae3d0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : golang-github-nats-io / golang-github-nats-io-jwt-2 / etc (2023-3a895ff65c)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-3a895ff65c advisory. Updated NATS stack for CVE-2023-39325 and CVE-2023-46129 Tenable has extracted the preceding description block directly from the Fedora security...
CBL Mariner 2.0 Security Update: telegraf (CVE-2023-46129)
The version of telegraf installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46129 advisory. - NATS.io is a high performance open source pub-sub distributed communication technology, built for the clou...
CVE-2023-46129 affecting package telegraf for versions less than 1.27.4-1
CVE-2023-46129 affecting package telegraf for versions less than 1.27.4-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-46129 vulnerabilities
Vulnerabilities for packages: nats-server, nats, minio, k3s...
CVE-2023-46129 vulnerabilities
Vulnerabilities for packages: k3s, nats, minio, nats-server...
CVE-2023-46129
CVE-2023-46129 describes a crypto bug in the nkeys library used by NATS. In nkeys versions 0.4.0–0.4.5 (aligned with NATS server 2.10.0–2.10.3), the xkeys encryption handling logic accidentally passed an array by value to an internal function that mutated the buffer to supply the encryption key. ...
CVE-2023-46129 xkeys Seal encryption used fixed key for all encryption
NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server...
CVE-2023-46129 xkeys Seal encryption used fixed key for all encryption
NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server...