Fedora 40 : doctl (2023-72ab10f1de)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-72ab10f1de advisory. Automatic update for doctl-1.101.0-2.fc40. Changelog Sat Dec 9 2023 Mikel Olasagasti Uranga - Update to 1.101.0 - Closes rhbz2253730 rhbz2248265 Tenable has...

Fedora 40 : golang-github-colinmarc-hdfs-2 (2023-791e2dc6cb)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-791e2dc6cb advisory. Automatic update for golang-github-colinmarc-hdfs-2-2.4.0-1.fc40. Changelog Thu Oct 12 2023 Mikel Olasagasti Uranga - 2.4.0-1 - Update to 2.4.0 - Closes...

Fedora 40 : golang-gvisor (2024-80e062d21a)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-80e062d21a advisory. Update golang-gvisor to 20240408.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Fedora 40 : xq (2024-e9ca3462aa)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e9ca3462aa advisory. Automatic update for xq-1.2.4-2.fc40. Changelog Sun Feb 11 2024 Maxwell G - 1.2.4-2 - Rebuild for golang 1.22.0 Sun Feb 11 2024 Mikel Olasagasti...

Fedora 40 : gh (2023-5852a1cc3f)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-5852a1cc3f advisory. Automatic update for gh-2.39.1-1.fc40. Changelog Wed Nov 15 2023 Mikel Olasagasti Uranga - 2.39.1-1 - Update to 2.39.1 - Closes rhbz2249773 rhbz2248270 Tenab...

Fedora 40 : kubernetes (2024-ce2eefc399)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ce2eefc399 advisory. Update Kubernetes to v1.29.4 for Fedora 40. Resolves CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugi...

Fedora 40 : gitleaks (2024-4901258366)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4901258366 advisory. Automatic update for gitleaks-8.18.2-1.fc40. Changelog Thu Feb 8 2024 Mikel Olasagasti Uranga - 8.18.2-1 - Update to 8.18.2 - Closes rhbz2250439 rhbz2248275...

Fedora 40 : dnsx (2023-65413f7fd0)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-65413f7fd0 advisory. Automatic update for dnsx-1.1.5-1.fc40. Changelog Fri Oct 27 2023 Mikel Olasagasti Uranga - 1.1.5-1 - Update to 1.1.5 - Closes rhbz2169567 rhbz21784...

Fedora 40 : firefox (2024-c6a1d4e0ec)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c6a1d4e0ec advisory. - New upstream release 125.0 ---- - New upstream release 124.0.2 Tenable has extracted the preceding description block directly from the Fedora...

Fedora 40 : chisel (2023-b29031a7aa)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b29031a7aa advisory. Automatic update for chisel-1.9.0-1.fc40. Changelog Sun Aug 20 2023 Filipe Rosset - 1.9.0-1 - Update to 1.9.0 fixes rhbz2113146 rhbz2163065...

Fedora 40 : nghttp2 (2024-da8cdd8414)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-da8cdd8414 advisory. - fix CONTINUATION frames DoS CVE-2024-28182 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora 40 : golang-github-rogpeppe-internal (2023-9177748962)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9177748962 advisory. Automatic update for golang-github-rogpeppe-internal-1.11.0-1.fc40. Changelog Wed Dec 13 2023 Mikel Olasagasti Uranga - 1.11.0-1 - Update to 1.11.0 ...

Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2024-593)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-593 advisory. An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in...

Ubuntu 24.04 LTS. : curl vulnerabilities (USN-6718-3)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6718-3 advisory. USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding...

Fedora 40 : golang-github-onsi-ginkgo-2 (2023-1c1be955d7)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-1c1be955d7 advisory. Automatic update for golang-github-onsi-ginkgo-2-2.13.2-3.fc40. Changelog Sun Dec 31 2023 Mikel Olasagasti Uranga - 2.13.2-3 - Update to 2.13.2 - Closes...

Fedora 40 : nodejs20 (2024-2ffe03eaa6)

"The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2ffe03eaa6 advisory. 2024-04-03, Version 20.12.1 'Iron' LTS, @RafaelGSS This is a security release Notable Changes CVE-2024-27983 - Assertion failed in...

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:1962)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1962 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 Tenable has extracted the preceding description block directly fro...

Fedora 40 : varnish (2023-2cc6f607b9)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cc6f607b9 advisory. Automatic update for varnish-7.4.2-1.fc40. Changelog Wed Nov 8 2023 Ingvar Hagelund - 7.4.2-1 - New upstream release. A security release - Includes fix for...

Amazon Linux 2023 : mod_http2 (ALAS2023-2024-595)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-595 advisory. HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory...

Fedora 40 : golang-github-nats-io / golang-github-nats-io-jwt-2 / etc (2023-5f984129b2)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-5f984129b2 advisory. Updated NATS stack for CVE-2023-39325 and CVE-2023-46129 Tenable has extracted the preceding description block directly from the Fedora security...