Astra Linux - уязвимость в cpio

Debian’s cpio package contains a path traversal vulnerability. This issue was introduced by reverting the CVE-2015-1197 patches, which caused a regression in the --no-absolute-filenames option. Upstream has since provided a proper fix for this issue...

SUSE SLES15 Security Update : libxslt (SUSE-SU-2026:0603-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0603-1 advisory. - CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function leading to denial of service bsc1251979 - CVE-2025-10911:...

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function leading to denial of service bsc1251979 CVE-2025-10911: last fix caused a regression, patch was temporary disabled bsc1250553 Patch Instructions: To install this SUSE update...

Oracle Linux 9 : tar (ELSA-2026-0067)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0067 advisory. 2:1.34-9 - Fix the last patch to solve a regression with -x and --xattrs: RHEL-136277 also, fix another tiny mistake in the patch w/o visible consequences...

PT-2025-27684

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A reference leak issue has been identified in the Linux kernel, specifically in the espintcp component. The current caching scheme for the encap socket can lead to reference leaks when...

Security update for glib2

This update for glib2 fixes the following issues: Fixed a possible use after free regression introduced by CVE-2024-34397 patch bsc1224044. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

Ubuntu 20.04 LTS : PHP regression (USN-7157-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7157-2 advisory. USN-7157-1 fixed vulnerabilities in PHP. The patch for CVE-2024-8932 caused a regression in php7.4. This update fixes the problem. Tenable has extracted the...

UBUNTU-CVE-2024-11828

A denial of service DoS condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. By leveraging this vulnerability an attacker could create a DoS condition by sending crafted API calls. This was a regression of an earlie...

python-eventlet: patch regression for CVE-2021-21419 in some Red Hat builds

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-eventlet) security update

An update for python-eventlet is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

python-eventlet: patch regression for CVE-2021-21419 in some Red Hat builds

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products...

SUSE CVE-2023-5625

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products...

CVE-2023-5625

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products...

CVE-2023-5625 Python-eventlet: patch regression for cve-2021-21419 in some red hat builds

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products...

python-eventlet: patch regression for CVE-2021-21419 in some Red Hat builds

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products...

CVE-2010-3854

Multiple cross-site scripting XSS vulnerabilities in the web administration interface aka Futon in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Unpatched input validation flaw in Firefox 2.0.0.4

Firefox 2.0.0.4 contains a fix for a directory traversal vulnerability that allowed you to read local files through the resource protocol. However, the patch only partially fixed the vulnerability on Windows systems and accidentally circumvents an existing input validation check. The net result i...