25 matches found
MiracleLinux 8 : libuv-1.41.1-1.el8 (AXSA:2021-2313:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2313:02 advisory. libuv: out-of-bounds read in uvidnatoascii can lead to information disclosures or crashes CVE-2021-22918 Tenable has extracted the preceding description bloc...
MiracleLinux 9 : libuv-1.42.0-2.el9_4 (AXSA:2024-8597:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8597:02 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...
EUVD-2020-29122
Malware in sbrugna...
EUVD-2024-19623
Malicious code in bioql PyPI...
K000152876: libuv vulnerability CVE-2024-24806
Security Advisory Description libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be...
F5 Networks BIG-IP : libuv vulnerability (K000152876)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000152876 advisory. libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in...
NewStart CGSL MAIN 7.02 : libuv Vulnerability (NS-SA-2025-0112)
The remote NewStart CGSL host, running version MAIN 7.02, has libuv packages installed that are affected by a vulnerability: - libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart...
TencentOS Server 4: libuv (TSSA-2024:0609)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0609 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0185: libuv (ALINUX3-SA-2024:0185)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0185 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-24806: libuv is a multi-platform support...
RockyLinux 9 : libuv (RLSA-2024:4756)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4756 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...
CVE-2025-47153
Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...
PT-2025-18371 · Libuv +2 · Libuv +2
Name of the Vulnerable Software and Affected Versions: libuv and Node.js versions prior to nodejs 20.19.0+dfsg-2 i386.deb Description: The issue arises from certain build processes for libuv and Node.js on 32-bit systems, where the off t size is inconsistent. This inconsistency occurs because the...
GLSA-202501-05 : libuv: Hostname Truncation
The remote host is affected by the vulnerability described in GLSA-202501-05 libuv: Hostname Truncation Multiple vulnerabilities have been discovered in libuv. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...
Medium: libuv
Issue Overview: libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : libuv vulnerability (USN-6666-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6666-1 advisory. It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted...
Improper Domain Lookup that potentially leads to SSRF attacks in libuv
...
AZL-35133 CVE-2024-24806 affecting package python-gevent for versions less than 23.9.1-3
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
AZL-35782 CVE-2024-24806 affecting package cmake for versions less than 3.28.2-6
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
DEBIAN-CVE-2024-24806
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
CVE-2024-24806 Improper Domain Lookup that potentially leads to SSRF attacks in libuv
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...