RockyLinux 8 : edk2:20220126gitbb1bba3d77 (RLSA-2024:11185)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11185 advisory. edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 Tenable has extracted the preceding description block directly from the RockyLinux security...

RockyLinux 9 : harfbuzz (RLSA-2024:2410)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2410 advisory. harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 Tenable has extracted the preceding description block directly from the...

RockyLinux 8 : virt:rhel and virt-devel:rhel (RLSA-2024:6964)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6964 advisory. QEMU: virtio: DMA reentrancy issue leads to double free vulnerability CVE-2024-3446 QEMU: Denial of Service via Improper Synchronization in QEMU NBD Serv...

RockyLinux 9 : perl (RLSA-2024:2228)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2228 advisory. perl: Write past buffer end via illegal user-defined Unicode property CVE-2023-47038 Tenable has extracted the preceding description block directly from the...

RockyLinux 9 : wget (RLSA-2024:6192)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6192 advisory. wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 Tenable has extracted the preceding description block directly from the RockyLinux...

RockyLinux 8 : tuned (RLSA-2024:11161)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11161 advisory. tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 Tenable has extracted the preceding description block directly...

RockyLinux 9 : mod_jk bug fix update (Moderate) (RLSA-2024:7457)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:7457 advisory. The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to...

RockyLinux 9 : exfatprogs (RLSA-2024:2437)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2437 advisory. exfatprogs: exfatprogs allows out-of-bounds memory access CVE-2023-45897 Tenable has extracted the preceding description block directly from the RockyLinux securi...

RockyLinux 8 : mod_auth_openidc:2.3 (RLSA-2024:5289)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5289 advisory. modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating cookies CVE-2024-24814 Tenable has extracted the preceding description block directl...

RockyLinux 8 : resource-agents (RLSA-2024:2952)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2952 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 pycryptodome: side-channel leakage for OAE...

RockyLinux 8 : wget (RLSA-2024:5299)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5299 advisory. wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 Tenable has extracted the preceding description block directly from the RockyLinux...

RockyLinux 9 : tcpdump (RLSA-2024:2211)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2211 advisory. tcpslice: use-after-free in extractslice CVE-2021-41043 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...

RockyLinux 8 : openldap (RLSA-2024:4264)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4264 advisory. openldap: null pointer dereference in bermemallocx function CVE-2023-2953 Tenable has extracted the preceding description block directly from the RockyLinux...

RockyLinux 8 : python3.11 (RLSA-2024:3062)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3062 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding description...

RockyLinux 9 : motif (RLSA-2024:2217)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2217 advisory. libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with corrupted colormap CVE-2023-43789 Tenable...

RockyLinux 8 : java-17-openjdk (RLSA-2024:4568)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4568 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessiv...

RockyLinux 8 : bind (RLSA-2024:5524)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5524 advisory. bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam CVE-2024-1737 bind9: bind: SIG0 can be used to exhaust CPU...

RockyLinux 8 : postgresql:13 (RLSA-2024:6018)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6018 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 Tenable has extracted the preceding description block directly from...

RockyLinux 8 : libsndfile (RLSA-2024:3030)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3030 advisory. libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS CVE-2022-33065 Tenable has extracted the preceding description block directly from the...

RockyLinux 8 : libxml2 (RLSA-2024:0119)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0119 advisory. libxml2: crafted xml can cause global buffer overflow CVE-2023-39615 Tenable has extracted the preceding description block directly from the RockyLinux security...