MiracleLinux 8 : libssh-0.9.6-14.el8 (AXSA:2024-8172:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8172:04 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values fo...

Insufficient Verification Of Data Authenticity

github.com/regclient/regclient is vulnerable to Insufficient Verification Of Data Authenticity. The vulnerability is due to missing digest checks which allows a malicious registry to return a different digest for a pinned manifest without detection...