Ubuntu 24.04 LTS. : Apache HTTP Server vulnerabilities (USN-6729-3)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6729-3 advisory. USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the...

Fedora 40 : varnish (2023-2cc6f607b9)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cc6f607b9 advisory. Automatic update for varnish-7.4.2-1.fc40. Changelog Wed Nov 8 2023 Ingvar Hagelund - 7.4.2-1 - New upstream release. A security release - Includes fix for...

Fedora 40 : gitleaks (2024-4901258366)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4901258366 advisory. Automatic update for gitleaks-8.18.2-1.fc40. Changelog Thu Feb 8 2024 Mikel Olasagasti Uranga - 8.18.2-1 - Update to 8.18.2 - Closes rhbz2250439 rhbz2248275...

Fedora 40 : golang-github-nats-io / golang-github-nats-io-jwt-2 / etc (2023-5f984129b2)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-5f984129b2 advisory. Updated NATS stack for CVE-2023-39325 and CVE-2023-46129 Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 40 : golang-github-cncf-xds / golang-github-envoyproxy-control-plane / etc (2023-a1b28cf117)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a1b28cf117 advisory. Security fix for CVE-2022-41717 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Fedora 40 : dnsx (2023-65413f7fd0)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-65413f7fd0 advisory. Automatic update for dnsx-1.1.5-1.fc40. Changelog Fri Oct 27 2023 Mikel Olasagasti Uranga - 1.1.5-1 - Update to 1.1.5 - Closes rhbz2169567 rhbz21784...

Fedora 40 : mod_http2 (2024-4812897dd1)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4812897dd1 advisory. Security fix for CVE-2024-27316 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 40 : golang-github-rogpeppe-internal (2023-9177748962)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9177748962 advisory. Automatic update for golang-github-rogpeppe-internal-1.11.0-1.fc40. Changelog Wed Dec 13 2023 Mikel Olasagasti Uranga - 1.11.0-1 - Update to 1.11.0 ...

Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2024-593)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-593 advisory. An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in...

Fedora 40 : xq (2024-e9ca3462aa)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e9ca3462aa advisory. Automatic update for xq-1.2.4-2.fc40. Changelog Sun Feb 11 2024 Maxwell G - 1.2.4-2 - Rebuild for golang 1.22.0 Sun Feb 11 2024 Mikel Olasagasti...

Fedora 40 : golang-gvisor (2024-80e062d21a)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-80e062d21a advisory. Update golang-gvisor to 20240408.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

[SECURITY] [DLA 3799-1] trafficserver security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3799-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 28, 2024 https://wiki.debian.org/LTS -...

RHEL 7 / 8 / 9 : OpenShift Virtualization 4.13.6 RPMs (RHSA-2023:7521)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7521 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2019:2955)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2955 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

RHEL 8 : openshift-pipelines-client (RHSA-2023:6781)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6781 advisory. Red Hat OpenShift Pipelines Client, tkn for the 1.11.2 release, provides a CLI tool to interact with the Pipelines and Triggers components...

RHEL 6 / 7 / 8 / 9 : Red Hat Satellite Client (RHSA-2023:5982)

The remote Redhat Enterprise Linux 6 / 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5982 advisory. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 HTTP/2...

Debian dla-3799 : trafficserver - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3799 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3799-1 [email protected] https://www.debian.org/lts/security/...

RHEL 7 : rh-nginx112-nginx (RHSA-2019:2746)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2746 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

RHEL 8 : Red Hat OpenShift Pipelines Client tkn for 1.12.1 (RHSA-2023:6059)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6059 advisory. Red Hat OpenShift Pipelines Client, tkn for the 1.12.1 release, provides a CLI tool to interact with the Pipelines and Triggers components...

RHEL 8 / 9 : OpenShift Container Platform 4.14.2 (RHSA-2023:6840)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6840 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...