Fedora 40 : golang-github-cncf-xds / golang-github-envoyproxy-control-plane / etc (2023-a1b28cf117)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a1b28cf117 advisory. Security fix for CVE-2022-41717 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:1962)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1962 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 Tenable has extracted the preceding description block directly fro...

Fedora 40 : cachelib / fb303 / fbthrift / fizz / folly / mcrouter / mvfst / etc (2023-acbee8f31a)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-acbee8f31a advisory. Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487 Tenable has extracted the preceding description block directly...

Fedora 40 : kubernetes (2024-ce2eefc399)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ce2eefc399 advisory. Update Kubernetes to v1.29.4 for Fedora 40. Resolves CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugi...

Fedora 40 : dnsx (2023-65413f7fd0)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-65413f7fd0 advisory. Automatic update for dnsx-1.1.5-1.fc40. Changelog Fri Oct 27 2023 Mikel Olasagasti Uranga - 1.1.5-1 - Update to 1.1.5 - Closes rhbz2169567 rhbz21784...

Fedora 40 : chisel (2023-b29031a7aa)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b29031a7aa advisory. Automatic update for chisel-1.9.0-1.fc40. Changelog Sun Aug 20 2023 Filipe Rosset - 1.9.0-1 - Update to 1.9.0 fixes rhbz2113146 rhbz2163065...

AlmaLinux 9 : golang (ALSA-2024:1963)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1963 advisory. - An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state...

Fedora 40 : golang-github-prometheus-node-exporter (2023-654e0ddfd8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-654e0ddfd8 advisory. Automatic update for golang-github-prometheus-node-exporter-1.6.1-1.fc40. Changelog Thu Nov 9 2023 Mikel Olasagasti Uranga - 1.6.1-1 - Update to 1.6...

Fedora 40 : varnish (2023-2cc6f607b9)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cc6f607b9 advisory. Automatic update for varnish-7.4.2-1.fc40. Changelog Wed Nov 8 2023 Ingvar Hagelund - 7.4.2-1 - New upstream release. A security release - Includes fix for...

Fedora 40 : golang-github-prometheus-prom2json (2023-14a33318b8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-14a33318b8 advisory. Automatic update for golang-github-prometheus-prom2json-1.3.3-1.fc40. Changelog Sun Dec 3 2023 Mikel Olasagasti Uranga - 1.3.3-1 - Update to 1.3.3 -...

Fedora 39 : golang-helm-3 (2023-46c95e2c57)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-46c95e2c57 advisory. Automatic update for golang-helm-3-3.11.1-1.fc39. Changelog Tue Feb 21 2023 Davide Cavalca - 3.11.1-1 - Update to 3.11.1; Fixes: RHBZ1977738,...

[SECURITY] [DLA 3799-1] trafficserver security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3799-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 28, 2024 https://wiki.debian.org/LTS -...

Fedora 38 : golang-gvisor (2024-d652859efb)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d652859efb advisory. Update golang-gvisor to 20240408.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Fedora 39 : golang-gvisor (2024-9cc0e0c63e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9cc0e0c63e advisory. Update golang-gvisor to 20240408.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Debian dla-3799 : trafficserver - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3799 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3799-1 [email protected] https://www.debian.org/lts/security/...

RHEL 7 : rh-nginx112-nginx (RHSA-2019:2746)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2746 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

RHEL 8 : Red Hat OpenShift Pipelines Client tkn for 1.10.6 (RHSA-2023:7699)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7699 advisory. Red Hat OpenShift Pipelines Client, tkn for the 1.10.6 release, provides a CLI tool to interact with the Pipelines and Triggers components...

RHEL 8 / 9 : OpenShift Container Platform 4.14.2 (RHSA-2023:6840)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6840 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

RHEL 8 : openshift-gitops-kam (RHSA-2023:6782)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6782 advisory. OpenShift GitOps KAM OpenShift GitOps Kubernetes Application Manager CLI tool Security Fixes: golang: net/http, x/net/http2: rapid stream...

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...