9 matches found
openSUSE Security Advisory (SUSE-SU-2024:0591-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)
The version of azure-iot-sdk-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...
CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)
The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...
CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3
CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3. A patched version of the package is available...
SUSE SLES15 / openSUSE 15 Security Update : python-uamqp (SUSE-SU-2024:0591-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0591-1 advisory. - CVE-2024-25110: Fixed a use-after-free in opengetofferedcapabilities bsc1219867. Tenable has extracted the preceding...
SUSE-SU-2024:0591-1 Security update for python-uamqp
This update for python-uamqp fixes the following issues: - CVE-2024-25110: Fixed a use-after-free in opengetofferedcapabilities bsc1219867...
SUSE CVE-2024-25110
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
CVE-2024-25110
The CVE-2024-25110 entry concerns the UAMQP C library (Azure-uamqp-c submodule). The flaw occurs in open_get_offered_capabilities where a memory allocation may fail, causing a use-after-free that can lead to remote code execution if triggered during connection. A fix is to update the submodule to...