FreeBSD : Gitlab -- vulnerabilities (3e738678-7582-11ef-bece-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3e738678-7582-11ef-bece-2cf05da270f3 advisory. Gitlab reports: SAML authentication bypass Tenable has extracted the preceding description block direct...

Fedora 40 : frr (2024-1b36a483cc)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1b36a483cc advisory. Fix for CVE-2024-44070 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Photon OS 5.0: Linux PHSA-2024-5.0-0367

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0367. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 40 : python3.11 (2024-985017d277)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-985017d277 advisory. Security fix for CVE-2024-8088 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

Photon OS 4.0: Python3 PHSA-2023-4.0-0519

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0519. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Linux PHSA-2024-5.0-0230

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0230. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Bluez PHSA-2024-4.0-0586

An update of the bluez package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0586. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Oracle Linux 9 : buildah (ELSA-2024-4371)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4371 advisory. - rebuild for CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Fedora 40 : crosswords / libipuz (2024-e4717532c4)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-e4717532c4 advisory. crosswords 0.3.13 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 40 : pgadmin4 / python-libgravatar (2024-4d4ceb61f7)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-4d4ceb61f7 advisory. Update to pgadmin4-8.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 40 : php-tcpdf (2024-27eafd0e65)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-27eafd0e65 advisory. Version 6.7.5 2024-04-20 - Update GitHub actions - fix: CSV-2024-22640 712 Tenable has extracted the preceding description block directly from the...

RHEL 6 : openstack-keystone (RHSA-2012:1556)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1556 advisory. - OpenStack: Keystone /etc/keystone/ec2rc secret key exposure CVE-2012-5483 - OpenStack: Keystone EC2-style credentials invalidation issue...

Oracle Linux 9 : gimp (ELSA-2024-0675)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0675 advisory. - fix CVE-2023-44441 - fix CVE-2023-44442 - fix CVE-2023-44443 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : nss (ELSA-2024-0105)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0105 advisory. 3.90.0-4 - Fix expired certs in tests - Fix CVE-2023-5388 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

NewStart CGSL MAIN 6.06 : aide Vulnerability (NS-SA-2023-0093)

The remote NewStart CGSL host, running version MAIN 6.06, has aide packages installed that are affected by a vulnerability: - AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buffer...

RHEL 9 : gstreamer1-plugins-bad-free (RHSA-2023:7873)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7873 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

Fedora 38 : xen (2023-56901a79a1)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-56901a79a1 advisory. x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445, CVE-2023-46835 x86: BTC/SRSO fixes not fully effective XSA-446, CVE-2023-46836...

Fedora 39 : golang-github-altree-bigfloat / golang-github-seancfoley-bintree / etc (2023-ab43e2ce21)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-ab43e2ce21 advisory. rebuild against golang-x-image 0.13.0 ---- version 0.30.1 ---- fix overflow when GLFWIMMODULE=ibus is set and ibus is not running ---- split out kitten clari...

Oracle Linux 8 : .NET / 6.0 (ELSA-2023-6245)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6245 advisory. 6.0.124-1.0.1 - Update to .NET SDK 6.0.124 and Runtime 6.0.24 - Resolves: RHEL-14466 Tenable has extracted the preceding description block directly from the...

RHEL 8 : python3 (RHSA-2023:5996)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5996 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...