189 matches found
EulerOS 2.0 SP9 : libtheora (EulerOS-SA-2025-2131)
According to the versions of the libtheora packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ochufftreeunpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third...
EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2025-1062)
According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2025-1041)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds...
EulerOS 2.0 SP9 : busybox (EulerOS-SA-2025-1052)
According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate...
EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2025-1038)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2025-1059)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822...
EulerOS 2.0 SP9 : httpd (EulerOS-SA-2025-1039)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of...
EulerOS 2.0 SP9 : vim (EulerOS-SA-2024-2841)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2821)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an...
EulerOS 2.0 SP9 : gdk-pixbuf2 (EulerOS-SA-2024-2828)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk ...
EulerOS 2.0 SP9 : OpenIPMI (EulerOS-SA-2024-2817)
According to the versions of the OpenIPMI packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenIPMI before 2.0.36 has an out-of-bounds array access for authentication type in the ipmisim simulator, resulting in denial of service or wit...
EulerOS 2.0 SP9 : expat (EulerOS-SA-2024-2827)
According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time.CVE-2023-52426 An issue was discovered in libexp...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2024-2830)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an 'Expect: 100-continue' header with a non-information...
EulerOS 2.0 SP9 : unbound (EulerOS-SA-2024-2822)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A NULL pointer dereference flaw was found in the ubctxsetfwd function in Unbound. This issue could allow an attacker who can invoke specific...
EulerOS 2.0 SP9 : OpenIPMI (EulerOS-SA-2024-2834)
According to the versions of the OpenIPMI packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenIPMI before 2.0.36 has an out-of-bounds array access for authentication type in the ipmisim simulator, resulting in denial of service or wit...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2024-2813)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an 'Expect: 100-continue' header with a non-information...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2369)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : kernel:ACPI: CPPC: Use accesswidth over bitwidth for system memory accessesCVE-2024-35995 kernel: block: fix overflow in...
EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2024-2402)
According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An XML External Entity XXE vulnerability in the ebookmeta.getmetadata function of lxml before v4.9.1 allows attackers to access sensitive...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2024-2403)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2381)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and unge...