Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.45 views

Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2024-593)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-593 advisory. An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in...

8.2CVSS7.3AI score0.87211EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.29 views

Ubuntu 24.04 LTS. : curl vulnerabilities (USN-6718-3)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6718-3 advisory. USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding...

8.6CVSS6.7AI score0.36081EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.20 views

Fedora 40 : golang-github-colinmarc-hdfs-2 (2023-791e2dc6cb)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-791e2dc6cb advisory. Automatic update for golang-github-colinmarc-hdfs-2-2.4.0-1.fc40. Changelog Thu Oct 12 2023 Mikel Olasagasti Uranga - 2.4.0-1 - Update to 2.4.0 - Closes...

5.3CVSS7AI score0.05623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.26 views

Fedora 40 : golang-github-rogpeppe-internal (2023-9177748962)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9177748962 advisory. Automatic update for golang-github-rogpeppe-internal-1.11.0-1.fc40. Changelog Wed Dec 13 2023 Mikel Olasagasti Uranga - 1.11.0-1 - Update to 1.11.0 ...

7.5CVSS7.1AI score0.05623EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.23 views

Fedora 40 : golang-github-prometheus-prom2json (2023-14a33318b8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-14a33318b8 advisory. Automatic update for golang-github-prometheus-prom2json-1.3.3-1.fc40. Changelog Sun Dec 3 2023 Mikel Olasagasti Uranga - 1.3.3-1 - Update to 1.3.3 -...

7.5CVSS7.1AI score0.05623EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.16 views

Fedora 39 : golang-gvisor (2024-9cc0e0c63e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9cc0e0c63e advisory. Update golang-gvisor to 20240408.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.14 views

Fedora 38 : golang-gvisor (2024-d652859efb)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d652859efb advisory. Update golang-gvisor to 20240408.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/20 12:0 a.m.32 views

Fedora 39 : nodejs20 (2024-e28ccc9c17)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e28ccc9c17 advisory. 2024-04-03, Version 20.12.1 'Iron' LTS, @RafaelGSS This is a security release Notable Changes CVE-2024-27983 - Assertion failed in...

8.2CVSS7.4AI score0.87211EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/04/20 12:0 a.m.28 views

SUSE SLES15 Security Update : nodejs12 (SUSE-SU-2024:1346-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1346-1 advisory. - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc12222...

8.2CVSS7.1AI score0.87211EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.23 views

SUSE SLES12 Security Update : nodejs16 (SUSE-SU-2024:1305-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1305-1 advisory. - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc12222...

8.2CVSS7.1AI score0.87211EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.36 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs18 (SUSE-SU-2024:1309-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1309-1 advisory. Update to 18.20.1 Security fixes: - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session...

8.2CVSS7AI score0.87211EPSS
Exploits3References16
OpenVAS
OpenVAS
added 2024/04/17 12:0 a.m.27 views

openSUSE: Security Advisory for nodejs16 (SUSE-SU-2024:1306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.5AI score0.87211EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.26 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs20 (SUSE-SU-2024:1301-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1301-1 advisory. Update to 20.12.1 Security fixes: - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session...

8.2CVSS7AI score0.87211EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.33 views

SUSE SLES15 Security Update : nodejs16 (SUSE-SU-2024:1306-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1306-1 advisory. - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc12222...

8.2CVSS7.1AI score0.87211EPSS
Exploits1References7
AlpineLinux
AlpineLinux
added 2024/04/09 1:6 a.m.51 views

CVE-2024-27983

An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a T...

8.2CVSS6.6AI score0.87211EPSS
Exploits1
OSV
OSV
added 2024/03/29 3:49 a.m.25 views

MGASA-2024-0099 Updated curl packages fix security vulnerabilities

CVE-2024-2004: Usage of disabled protocol If all protocols are disabled at run-time with none being added, curl/libcurl would still allow communication with the default set of allowed protocols, including some that are unencrypted. CVE-2024-2398: HTTP/2 push headers memory-leak A memory leak coul...

8.6CVSS6.9AI score0.36081EPSS
Exploits4References4
CVE
CVE
added 2024/03/27 7:55 a.m.448 views

CVE-2024-2398

CVE-2024-2398 affects curl/libcurl: when an application enables HTTP/2 server push and the received push headers exceed a limit (1000), libcurl aborts the server push and leaks previously allocated headers, causing memory leaks and a silent condition that can be hard to detect. The CVSS in the en...

8.6CVSS8.3AI score0.36081EPSS
Exploits1References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.41 views

Slackware Linux 15.0 / current curl Multiple Vulnerabilities (SSA:2024-087-01)

The version of curl installed on the remote host is prior to 8.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-087-01 advisory. - When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would...

8.6CVSS6.6AI score0.36081EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.29 views

Ubuntu 16.04 LTS / 18.04 LTS : curl vulnerability (USN-6718-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6718-2 advisory. USN-6718-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tenable has extract...

8.6CVSS6.9AI score0.36081EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.37 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : curl vulnerabilities (USN-6718-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6718-1 advisory. Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols...

8.6CVSS6.7AI score0.36081EPSS
Exploits2References3
Rows per page
Query Builder