Lucene search
K

44 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.36 views

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2024-1785)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache...

7.8CVSS7.1AI score0.04561EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.27 views

RHEL 9 : mcg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding CVE-2022-41723 Note that Nessus has...

7.5CVSS7.8AI score0.04561EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/30 12:0 a.m.29 views

EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-1738)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service fro...

7.5CVSS7AI score0.04561EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/05/08 9:15 a.m.32 views

CVE-2024-4438

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.33 views

Fedora 40 : dnsx (2023-2e09477fbc)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2e09477fbc advisory. Automatic update for dnsx-1.1.6-1.fc40. Changelog Thu Nov 16 2023 Mikel Olasagasti Uranga - 1.1.6-1 - Update to 1.1.6 - Closes rhbz2249448 rhbz2248264 Tenabl...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.20 views

Fedora 40 : exercism (2024-35c28f59d1)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-35c28f59d1 advisory. Update to latest version Security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.23 views

Fedora 39 : golang-github-tdewolff-argp / golang-github-tdewolff-minify / etc (2024-c3e32c5635)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-c3e32c5635 advisory. Update to latest version Security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:53 a.m.34 views

BIT-GOLANG-2023-39325 HTTP/2 rapid reset can cause excessive work in net/http

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS7.3AI score0.03796EPSS
Exploits0References44
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.147 views

RHEL 8 / 9 : OpenShift Container Platform 4.15.0 (RHSA-2023:7201)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7201 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.3AI score0.99999EPSS
Exploits23References16
Tenable Nessus
Tenable Nessus
added 2023/12/21 12:0 a.m.48 views

Oracle Linux 8 : conmon (ELSA-2023-13054)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13054 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-44487 and CVE-2023-39325 - address CVE-2023-44487 and...

8.2CVSS7.4AI score0.99999EPSS
Exploits20References3
Tenable Nessus
Tenable Nessus
added 2023/12/08 12:0 a.m.49 views

Oracle Linux 7 : conmon (ELSA-2023-13029)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13029 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 cri-tools - Resolve CVE-2023-39325 flannel-cni-plugin - Resolve CVE-2023-44487 and CVE-2023-39325 he...

8.2CVSS7.4AI score0.99999EPSS
Exploits20References3
Tenable Nessus
Tenable Nessus
added 2023/12/06 12:0 a.m.25 views

Fedora 38 : gmailctl (2023-6f4c5b6331)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-6f4c5b6331 advisory. upgrade to v0.10.7, close rhbz2249798 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/19 12:0 a.m.26 views

Fedora 37 : prometheus-podman-exporter (2023-b60ff8c9ec)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b60ff8c9ec advisory. release v1.5.0 + security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/19 12:0 a.m.35 views

Fedora 38 : podman-tui (2023-e359fd31d2)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e359fd31d2 advisory. podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and CVE-2022-41723 Tenable has extracted the preceding description block...

7.5CVSS7.2AI score0.05623EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/19 12:0 a.m.24 views

Fedora 39 : prometheus-podman-exporter (2023-b75ee820ce)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b75ee820ce advisory. release v1.5.0 + security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.31 views

Fedora 37 : syncthing (2023-fa2d7b25d9)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-fa2d7b25d9 advisory. Update to version 1.26.0. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.26.0 Tenable has extracted the preceding description block...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.31 views

Amazon Linux 2 : ecs-init (ALASECS-2023-020)

The version of ecs-init installed on the remote host is prior to 1.79.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2023-020 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...

7.5CVSS7AI score0.03796EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.26 views

Amazon Linux 2023 : ecs-init (ALAS2023-2023-435)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-435 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS6.9AI score0.03796EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.21 views

Amazon Linux 2023 : ecs-init (ALAS2023-2023-434)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-434 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...

5.5AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/11/14 3:32 p.m.62 views

Moderate: Red Hat Security Advisory: container-tools:4.0 security and bug fix update

An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

9.8CVSS6.5AI score0.04561EPSS
Exploits2References20
Rows per page
Query Builder