MiracleLinux 8 : gnutls-3.6.16-8.el8_10.4.ML.1 (AXSA:2025-10938:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10938:05 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS otherName SAN export CVE-2025-32988 gnutls...

MiracleLinux 8 : gnutls-3.6.8-11.el8 (AXSA:2020-604:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-604:01 advisory. gnutls: session resumption works without master key allowing MITM CVE-2020-13777 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : gnutls-3.7.6-23.el9_3.4 (AXSA:2024-7696:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7696:05 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain building/verification CVE-2024-28835...

MiracleLinux 8 : gnutls-3.6.16-8.el8_9.1.ML.1 (AXSA:2024-7497:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7497:03 advisory. gnutls: incomplete fix for CVE-2023-5981 CVE-2024-0553 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : gnutls-3.6.14-8.el8, nettle-3.4.1-4.el8 (AXSA:2021-1688:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1688:01 advisory. nettle: Out of bounds memory access in signature verification CVE-2021-20305 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : gnutls-3.8.3-4.el9 (AXSA:2024-8060:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8060:06 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain building/verification CVE-2024-28835...

MiracleLinux 9 : gnutls-3.7.6-23.el9_3.3 (AXSA:2024-7484:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7484:02 advisory. gnutls: timing side-channel in the RSA-PSK authentication CVE-2023-5981 gnutls: incomplete fix for CVE-2023-5981 CVE-2024-0553 gnutls: rejects...

MiracleLinux 8 : gnutls-3.6.16-8.el8_9.3.ML.1 (AXSA:2024-7683:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7683:04 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 8 : gnutls-3.6.16-5.el8 (AXSA:2022-3927:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3927:01 advisory. gnutls: Double free during gnutlspkcs7verify. CVE-2022-2509 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : gnutls-3.6.16-4.el8, nettle-3.4.1-7.el8 (AXSA:2021-2630:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2630:02 advisory. nettle: Remote crash in RSA decryption via manipulated ciphertext CVE-2021-3580 gnutls: Use after free in client keyshare extension CVE-2021-20231...

CLSA-2026-1768861951 Update of gnutls

Backport CVE fixes - Bump version to solve conflict with community package...

Curl 8.8.0 < 8.18.0 Improper Certificate Validation.

The version of curl installed on the remote host is missing a security update. It is, therefore, affected by an improper certificate validation vulnerability. - When using the CURLOPTPINNEDPUBLICKEY option with libcurl or --pinnedpubkey with the curl tool, the public key check should be performed...

MiracleLinux 4 : gnutls-2.8.5-19.AXS4 (AXSA:2016-014:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-014:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the...

CVE-2025-13034

When using CURLOPTPINNEDPUBLICKEY option with libcurl or --pinnedpubkey with the curl tool,curl should check the public key of the server certificate to verify the peer. This check was skipped in a certain condition that would then make curl allow the connection without performing the proper chec...

Security Bulletin: Multiple security vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak

Summary Multiple vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak. RedHat UBI is used as base imaged for IBM Robotic Process Automation for Cloud Pak images. This bulletin identifies the fixes required to address the vulnerabilites. Vulnerability Details...

MiracleLinux 3 : gnutls-1.4.1-10.1.0.1.AXS3 (AXSA:2013-170:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-170:02 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the...

MiracleLinux 4 : gnutls-2.8.5-10.2.0.1.AXS4 (AXSA:2013-469:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-469:02 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the...

MiracleLinux 7 : gnutls-3.3.29-8.el7 (AXSA:2019-3543:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3543:01 advisory. gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls CVE-2018-10844 gnutls: HMAC-SHA-384 vulnerable to...

MiracleLinux 4 : libtasn1-2.3-6.AXS4 (AXSA:2014-385:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-385:01 advisory. This is the ASN.1 library used in GNUTLS. More up to date information can be found at http://www.gnu.org/software/gnutls and http://www.gnutls.org...

MiracleLinux 4 : gnutls-2.12.23-21.AXS4 (AXSA:2017-1381:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1381:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...