MiracleLinux 7 : rh-nodejs12-nodejs-nodemon-2.0.3-5.el7, rh-nodejs12-nodejs-12.22.5-1.el7 (AXSA:2021-2386:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2386:03 advisory. nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...

PT-2024-5937

Name of the Vulnerable Software and Affected Versions: HAProxy versions 2.9.x through 2.9.9 HAProxy versions 3.0.x through 3.0.3 HAProxy versions 3.1.x through 3.1-dev6 Description: The issue is related to a remote denial of service vulnerability in HAProxy, which can be exploited under certain...

SUSE-SU-2021:0673-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: New upstream LTS version 10.24.0: - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 - CVE-2021-22884: DNS rebinding in --inspect bsc1182620 - CVE-2021-23840: OpenSSL - Integer overflow in...

SUSE-SU-2020:2450-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request bsc1175071. - CVE-2020-11985: IP address spoofing when proxying using modremoteip and modrewrite bsc1175072. - CVE-2020-11993:...

SUSE-SU-2019:2329-1 Security update for apache2

This update for apache2 fixes the following issues: Security issues fixed: - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering bsc1145575. - CVE-2019-10081: Fixed modhttp2 that is vulnerable to memory corruption on early pushes bsc1145742. -...