4433 matches found
Important: Red Hat Security Advisory: RHACS 3.74 enhancement and security update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.1 release security update
Red Hat Integration Camel for Spring Boot 4.0.1 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: RHACS 4.0 enhancement and security update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
[SECURITY] Fedora 38 Update: proxygen-2023.10.16.00-1.fc38
Proxygen comprises the core C++ HTTP abstractions used at Facebook. Internally, it is used as the basis for building many HTTP servers, proxies, and clients. This release focuses on the common HTTP abstractions and our simple HTTPServer framework. Future releases will provide simple client APIs a...
[SECURITY] Fedora 37 Update: proxygen-2023.10.16.00-1.fc37
Proxygen comprises the core C++ HTTP abstractions used at Facebook. Internally, it is used as the basis for building many HTTP servers, proxies, and clients. This release focuses on the common HTTP abstractions and our simple HTTPServer framework. Future releases will provide simple client APIs a...
Amazon Linux 2023 : docker (ALAS2023-2023-397)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-397 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
tomcat security update
1:9.0.62-5.2 - HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487...
Oracle Linux 9 : tomcat (ELSA-2023-5929)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5929 advisory. 1:9.0.62-11.3 - HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the precedin...
Rocky Linux 8 : varnish (RLSA-2023:5989)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5989 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...
Rocky Linux 8 : nodejs:16 (RLSA-2023:5850)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5850 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...
Fedora 38 : nodejs18 (2023-d5030c983c)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d5030c983c advisory. 2023-10-13, Version 18.18.2 'Hydrogen' LTS, @RafaelGSS This is a security release. Notable Changes The following CVEs are fixed in this release:...
Rocky Linux 9 : .NET 7.0 (RLSA-2023:5749)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5749 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...
Rocky Linux 9 : nodejs (RLSA-2023:5765)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5765 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...
Fedora 37 : cachelib / fb303 / fbthrift / fizz / folly / mcrouter / mvfst / etc (2023-2a9214af5f)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-2a9214af5f advisory. Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487 Tenable has extracted the preceding description block directly...
Oracle Linux 9 : varnish (ELSA-2023-5924)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5924 advisory. - Add parameters h2rstallowance and h2rstallowanceperiod to mitigate CVE-2023-44487 Tenable has extracted the preceding description block directly from the Orac...
Oracle Linux 8 : tomcat (ELSA-2023-5928)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5928 advisory. 1:9.0.62-5.2 - HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding...
Rocky Linux 8 : tomcat (RLSA-2023:5928)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5928 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...
Oracle Linux 8 : varnish (ELSA-2023-5989)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5989 advisory. varnish 6.0.8-3.1 - Add parameters h2rstallowance and h2rstallowanceperiod to mitigate CVE-2023-44487 varnish-modules Tenable has extracted the preceding...
Rocky Linux 9 : nghttp2 (RLSA-2023:5838)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5838 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...
Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2023-388)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-388 advisory. The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 A broken cryptographic algorithm flaw was foun...