RHCOS 4 : OpenShift Container Platform 4.4.9 python-psutil (RHSA-2020:2583)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2583 advisory. - python-psutil: Double free because of refcount mishandling CVE-2019-18874 Note that Nessus has not tested for this issue but has instead...

RHCOS 3 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2020:0020)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0020 advisory. - kubernetes: Schema info written with world-writeable permissions when cached CVE-2019-11244 Note that Nessus has not tested for this issue...

RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:2217)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2217 advisory. - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method CVE-2020-11022 Note that Nessus has not tested for this issue bu...

RHCOS 3 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2020:2479)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2479 advisory. - libseccomp-golang: mishandling of multiple argument rules leading to a bypass of intended access restrictions CVE-2017-18367 -...

RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:1287)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1287 advisory. - haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value CVE-2019-18277 - haprox...

EUVD-2021-7720

Malicious code in bioql PyPI...

CentOS 6 : thunderbird (RHSA-2020:4158)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4158 advisory. - Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption an...

CentOS 6 : chromium-browser (RHSA-2020:1981)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1981 advisory. - Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially...

CentOS 6 : kernel (RHSA-2020:2933)

The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2933 advisory. - The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka...

CentOS 6 : chromium-browser (RHSA-2020:1270)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1270 advisory. - usrsctp before 2019-12-20 has out-of-bounds reads in sctploadaddressesfrominit. CVE-2019-20503 - Use after free in WebGL in Google Chrome prior to...

CentOS 7 : firefox (RHSA-2020:1338)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1338 advisory. - Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after- free. We are aware of targeted attacks in t...

CentOS 6 : tomcat6 (RHSA-2020:2529)

The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2529 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the...

CentOS 6 : chromium-browser (RHSA-2020:2064)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2064 advisory. - Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

CentOS 6 : java-1.7.1-ibm (RHSA-2020:3387)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3387 advisory. - In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or...

CentOS 7 : java-1.7.1-ibm (RHSA-2020:0468)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0468 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...

CentOS 7 : podman (RHSA-2020:2117)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2117 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious containe...

CentOS 6 : unbound (RHSA-2020:2640)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2640 advisory. - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an NXNSAttack issue. This is triggered by random subdomains in the...

CentOS 7 : podman (RHSA-2020:1227)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1227 advisory. - An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the...

CentOS 7 : kpatch-patch (RHSA-2020:0028)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0028 advisory. - Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to...

CentOS 7 : kernel (RHSA-2020:0834)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0834 advisory. - The Linux kernel before 5.1-rc5 allows page-refcount reference count overflow, with resultant use-after- free issues, if about 140 GiB of RAM exists...