RHCOS 4 : OpenShift Container Platform 4.6.53 (RHSA-2022:0024)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0024 advisory. - haproxy: an HTTP method name may contain a space followed by the name of a protected resource CVE-2021-39241 - haproxy: request...

RHCOS 4 : OpenShift Container Platform 4.7.49 (RHSA-2022:1336)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1336 advisory. - haproxy: Denial of service via set-cookie2 header CVE-2022-0711 Note that Nessus has not tested for this issue but has instead relied only ...

RHCOS 4 : OpenShift Container Platform 4.10.41 (RHSA-2022:7865)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7865 advisory. - jenkins-plugin: Man-in-the-Middle MitM in org.jenkins-ci.plugins:git-client CVE-2022-36881 Note that Nessus has not tested for this issue b...

RHCOS 4 : OpenShift Container Platform 4.10.25 (RHSA-2022:5729)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5729 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...

RHCOS 4 : OpenShift Container Platform 4.11.1 (RHSA-2022:6102)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6102 advisory. - golang: crypto/tls: session tickets lack random ticketageadd CVE-2022-30629 Note that Nessus has not tested for this issue but has instead...

RHCOS 4 : OpenShift Container Platform 4.10.28 (RHSA-2022:6094)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6094 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...

RHSA-2022:8506

creationtimestamp| type| source ---|---|--- 2024-11-06 14:59:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113436599869560909...

CentOS 7 : pcs (RHSA-2022:7343)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7343 advisory. - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. ...

CentOS 7 : firefox (RHSA-2022:4729)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4729 advisory. - An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototy...

CentOS 7 : firefox (RHSA-2022:6997)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6997 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has...

CentOS 7 : thunderbird (RHSA-2022:6710)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6710 advisory. - When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects...

CentOS 7 : php-pear (RHSA-2022:7340)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7340 advisory. - ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948 - ArchiveTar through...

CentOS 7 : java-1.8.0-ibm (RHSA-2022:0968)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0968 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are...

CentOS 7 : java-1.7.1-ibm (RHSA-2022:0969)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0969 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are...

CentOS 7 : thunderbird (RHSA-2022:4730)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4730 advisory. - An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototy...

CentOS 7 : firefox (RHSA-2022:1284)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:1284 advisory. - NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free a...

CentOS 7 : kpatch-patch (RHSA-2022:1185)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1185 advisory. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to...

CentOS 7 : java-1.8.0-ibm (RHSA-2022:4959)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4959 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected ar...

CentOS 7 : kernel (RHSA-2022:5937)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5937 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosu...

CentOS 7 : kpatch-patch (RHSA-2022:7344)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7344 advisory. - It was discovered that the clsroute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handl...