34 matches found
MiracleLinux 8 : prometheus-jmx-exporter-0.12.0-8.el8 (AXSA:2022-3880:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3880:02 advisory. snakeyaml: Denial of Service due to missing nested depth limitation for collections CVE-2022-25857 Tenable has extracted the preceding description block...
MiracleLinux 8 : prometheus-jmx-exporter-0.12.0-6.el8 (AXSA:2021-1339:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1339:01 advisory. snakeyaml: Billion laughs attack via alias feature CVE-2017-18640 Tenable has extracted the preceding description block directly from the MiracleLinux securi...
MiracleLinux 8 : prometheus-jmx-exporter-0.12.0-9.el8 (AXSA:2022-4526:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4526:04 advisory. SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-1471 Tenable has extracted the preceding description block directly from the MiracleLin...
RHSA-2022:9058 Red Hat Security Advisory: prometheus-jmx-exporter security update
Bulletin has no description...
RHSA-2020:4807 Red Hat Security Advisory: prometheus-jmx-exporter security update
Bulletin has no description...
Rocky Linux 8 : prometheus-jmx-exporter (RLSA-2020:4807)
The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2020:4807 advisory. - The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 Note that Nessus h...
Rocky Linux 8 : prometheus-jmx-exporter (RLSA-2022:9058)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:9058 advisory. - SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can...
RHEL 8 : prometheus-jmx-exporter (RHSA-2022:9058)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:9058 advisory. Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security...
AlmaLinux 8 : prometheus-jmx-exporter (ALSA-2022:9058)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:9058 advisory. - SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can le...
Important: Red Hat Security Advisory: prometheus-jmx-exporter security update
An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:9058 Important: prometheus-jmx-exporter security update
Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security Fixes: SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-1471 For more details about the security issues, including the impact, a...
prometheus-jmx-exporter security update
An update is available for prometheus-jmx-exporter. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Prometheus JMX Exporter is a JMX to Prometheus exporter: a...
ALSA-2022:9058 Important: prometheus-jmx-exporter security update
Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security Fixes: SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-1471 For more details about the security issues, including the impact, a...
Oracle Linux 8 : ELSA-2022-9058-1: / prometheus-jmx-exporter (ELSA-2022-90581)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-90581 advisory. 0.12.0-9 - Fix CVE-2022-1471 by using SafeConstructor. Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Important: prometheus-jmx-exporter security update
Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security Fixes: SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-1471 For more details about the security issues, including the impact, a...
prometheus-jmx-exporter bug fix and enhancement update
An update is available for prometheus-jmx-exporter. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
AlmaLinux 8 : prometheus-jmx-exporter (ALSA-2022:6820)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:6820 advisory. - The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
Moderate: Red Hat Security Advisory: prometheus-jmx-exporter security update
An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:6820 Moderate: prometheus-jmx-exporter security update
Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security Fixes: snakeyaml: Denial of Service due to missing nested depth limitation for collections CVE-2022-25857 For more details about the security issues,...
prometheus-jmx-exporter security update
An update is available for prometheus-jmx-exporter. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Prometheus JMX Exporter is a JMX to Prometheus exporter: a...