4434 matches found
Low: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...
ALSA-2024:1940 Low: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fixes: Mozilla: Denial of Service using HTTP/2 CONTINUATION frames CVE-2024-3302 For more details about the security issues, including the impact, a CVSS score,...
Low: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fixes: Mozilla: Denial of Service using HTTP/2 CONTINUATION frames CVE-2024-3302 For more details about the security issues, including the impact, a CVSS score,...
RHEL 9 : thunderbird (RHSA-2024:1941)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1941 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fixes: Mozilla...
RHEL 8 : thunderbird (RHSA-2024:1934)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1934 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fixes: Mozilla...
ROS-20240422-05
The golang package vulnerability is related to errors returned from MarshalJSON methods containing data, controlled by the user. Exploitation of the vulnerability could allow an attacker acting remotely, exploit these errors to disrupt the contextual behavior of the automatic output of the packag...
ROS-20240422-03
The Eclipse Jetty servlet container vulnerability is related to the fact that an established HTTP/2 SSL connection and a overloaded TCP will reload when the set time expires. Exploitation of the vulnerability could allow an attacker acting remotely to cause a state where a server could run out of...
Low: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fixes: Mozilla: Denial of Service using HTTP/2 CONTINUATION frames CVE-2024-3302 For more details about the security issues, including the impact, a CVSS score,...
Fedora 38 : firefox (2024-966e16bfa3)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-966e16bfa3 advisory. - New upstream release 125.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
Fedora 38 : mod_http2 (2024-1f11550e31)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1f11550e31 advisory. Security fix for CVE-2024-27316 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
[SECURITY] Fedora 38 Update: nghttp2-1.52.0-3.fc38
This package contains the HTTP/2 client, server and proxy programs...
[SECURITY] Fedora 39 Update: nghttp2-1.55.1-5.fc39
This package contains the HTTP/2 client, server and proxy programs...
Debian dsa-5667 : libtomcat9-embed-java - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5667 advisory. - Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82...
RHEL 8 / 9 : java-21-openjdk (RHSA-2024:1828)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1828 advisory. The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security...
Fedora 38 : nghttp2 (2024-ec22e51ec2)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ec22e51ec2 advisory. - fix CONTINUATION frames DoS CVE-2024-28182 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora 39 : nodejs20 (2024-e28ccc9c17)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e28ccc9c17 advisory. 2024-04-03, Version 20.12.1 'Iron' LTS, @RafaelGSS This is a security release Notable Changes CVE-2024-27983 - Assertion failed in...
SUSE SLES15 Security Update : nodejs12 (SUSE-SU-2024:1346-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1346-1 advisory. - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc12222...
SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2024:1350-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1350-1 advisory. Update to Firefox Extended Support Release 115.10.0 ESR MSFA 2024-19 bsc1222535: - CVE-2024-3852...
[SECURITY] Fedora 40 Update: rust-h2-0.3.26-1.fc40
An HTTP/2 client and server...
[SECURITY] Fedora 40 Update: nghttp2-1.59.0-3.fc40
This package contains the HTTP/2 client, server and proxy programs...