4433 matches found
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 security update
An update for collectd-libpod-stats, etcd, and python-octavia-tests-tempest is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...
Important: Red Hat Security Advisory: Red Hat Build of OptaPlanner 8.38.0 SP2 security update
Red Hat build of OptaPlanner 8.38.0 for Quarkus 2.13.8 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Denial Of Service (DoS)
apache2 is vulnerable to Denial of Service DoS. This vulnerability allows an attacker to cause denial of service conditions on a vulnerable system by exploiting a race condition that occurs when a HTTP/2 connection is reset RST frame by a client...
Important: Red Hat Security Advisory: Logging Subsystem 5.7.7 - Red Hat OpenShift security update
Logging Subsystem 5.7.7 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Logging Subsystem 5.6.12 - Red Hat OpenShift security update
Logging Subsystem 5.6.12 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2023-030)
The version of docker installed on the remote host is prior to 20.10.25-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2023-030 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Templates did not properly conside...
Amazon Linux 2 : docker (ALASDOCKER-2023-031)
The version of docker installed on the remote host is prior to 20.10.25-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2023-031 advisory. 2025-03-03: CVE-2023-29409 was added to this advisory. 2024-05-09: CVE-2022-41723 was added to this advisory...
Apache 2.4.x < 2.4.58 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.58. It is, therefore, affected by multiple vulnerabilities: - Out-of-bounds read vulnerability in modmacro of Apache HTTP Server. CVE-2023-31122 - An attacker, opening a HTTP/2 connection with an initi...
Amazon Linux 2 : amazon-ssm-agent (ALAS-2023-2303)
The version of amazon-ssm-agent installed on the remote host is prior to 3.2.1705.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2303 advisory. 2023-10-30: CVE-2023-29409 was added to this advisory. 2023-10-30: CVE-2023-3978 was added to this advisory...
Oracle Linux 9 : nodejs (ELSA-2023-5765)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5765 advisory. 1:16.20.2-3.0.1 - Update nghttp2 to 1.57.0 Resolves: CVE-2023-44487 Tenable has extracted the preceding description block directly from the Oracle Linux securit...
SUSE: Security Advisory (SUSE-SU-2023:4129-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : runc (ALASDOCKER-2023-033)
The version of runc installed on the remote host is prior to 1.1.7-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2023-033 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...
SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2023:4129-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4129-1 advisory. Tomcat was updated to version 9.0.82 jscPED-6376, jscPED-6377: - Security issues fixed: CVE-2023-41080: Avoid protocol relative...
Amazon Linux 2 : containerd (ALASNITRO-ENCLAVES-2023-031)
The version of containerd installed on the remote host is prior to 1.6.19-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2023-031 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset...
SUSE SLES15: helm / helm-bash-completion / helm-fish-completion / etc (SUSE-SU-2023:4124-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4124-1 advisory. helm was updated to version 3.13.1: Fixing precedence issue with the import of values. Add missing with clause to release gh action...
SUSE SLES15 Security Update : nodejs18 (SUSE-SU-2023:4133-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4133-1 advisory. - Update to version 18.18.2 - CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. bsc1216190 - CVE-2023-45143: Fixed a cookie...
SUSE SLES12 Security Update : nodejs18 (SUSE-SU-2023:4132-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4132-1 advisory. - Update to version 18.18.2 - CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. bsc1216190 - CVE-2023-45143: Fixed a cookie...
Fedora 37 : trafficserver (2023-54fadada12)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-54fadada12 advisory. Update to upstream 9.2.3 Resolves CVE-2023-44487, CVE-2023-41752, CVE-2023-39456 Tenable has extracted the preceding description block directly from...
Fedora 38 : trafficserver (2023-5ff7bf1dd8)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5ff7bf1dd8 advisory. Update to upstream 9.2.3 Resolves CVE-2023-44487, CVE-2023-41752, CVE-2023-39456 Tenable has extracted the preceding description block directly from...
Ubuntu: Security Advisory (USN-6427-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...