Lucene search
K

540 matches found

OSV
OSV
added 2025/10/10 5:50 a.m.8 views

RLSA-2025:15887 Moderate: opentelemetry-collector security update

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score,...

6.8CVSS7.2AI score0.0056EPSS
Exploits0References2
OSV
OSV
added 2025/10/03 7:56 p.m.8 views

RLSA-2025:12850 Moderate: opentelemetry-collector security update

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS score...

5.4CVSS7.6AI score0.00778EPSS
Exploits0References2
OSV
OSV
added 2025/10/03 7:56 p.m.6 views

RLSA-2025:7479 Important: opentelemetry-collector security update

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jw...

7.5CVSS6.6AI score0.00804EPSS
Exploits0References5
OSV
OSV
added 2025/05/07 7:11 p.m.5 views

RLSA-2024:4367 Important: pki-core security update

The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: dogtag ca: token authentication bypass vulnerability CVE-2023-4727 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.9AI score0.00659EPSS
Exploits0References2
OSV
OSV
added 2024/07/03 9:27 p.m.20 views

RLSA-2024:4165 Important: pki-core security update

The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: dogtag ca: token authentication bypass vulnerability CVE-2023-4727 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.7AI score0.00659EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.33 views

RLSA-2024:3061 Moderate: pki-core:10.6 and pki-deps:10.6 security update

The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 For more details about the security issues, including th...

7.5CVSS7.5AI score0.0486EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.34 views

RLSA-2024:3267 Moderate: idm:DL1 and idm:client security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: JWCrypto: denail of service Via specifically crafted JWE CVE-2023-6681...

6.8CVSS6.2AI score0.0098EPSS
Exploits1References3
OSV
OSV
added 2024/06/14 1:59 p.m.36 views

RLSA-2024:3755 Important: idm:DL1 security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate...

8.8CVSS8.5AI score0.02053EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2024/06/14 1:59 p.m.29 views

idm:DL1 security update

An update is available for module.pyusb, module.opendnssec, custodia, module.custodia, pyusb, module.python-kdcproxy, module.slapi-nis, opendnssec, python-yubico, slapi-nis, ipa-healthcheck, softhsm, module.python-qrcode, module.softhsm, module.ipa-healthcheck, python-qrcode, module.python-yubico...

5.3CVSS6.7AI score0.0111EPSS
Exploits1
Rockylinux
Rockylinux
added 2024/05/10 2:32 p.m.16 views

gcc-toolset-13-annobin bug fix and enhancement update

An update is available for gcc-toolset-13-annobin. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

6.9AI score
Exploits0
Rockylinux
Rockylinux
added 2024/05/06 1:4 p.m.55 views

DL1 bug fix update

An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...

7.2AI score
Exploits0
Rockylinux
Rockylinux
added 2023/10/24 6:36 p.m.74 views

nodejs security update

An update is available for nodejs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for building fast and scalable...

7.5CVSS7.4AI score0.99999EPSS
Exploits19
OSV
OSV
added 2023/08/28 6:41 p.m.34 views

RLSA-2023:4706 Important: subscription-manager security update

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Rocky Enterprise Software Foundation entitlement platform. Security Fixes: subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allow...

7.8CVSS7.7AI score0.00253EPSS
Exploits0References2
OSV
OSV
added 2022/11/15 6:12 a.m.23 views

RLSA-2022:7968 Low: virt-v2v security, bug fix, and enhancement update

The virt-v2v package provides a tool for converting virtual machines to use the KVM Kernel-based Virtual Machine hypervisor or Rocky Enterprise Software Foundation Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can...

5.5CVSS6.5AI score0.00875EPSS
Exploits0References33
Rockylinux
Rockylinux
added 2022/11/15 6:12 a.m.31 views

virt-v2v security, bug fix, and enhancement update

An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-v2v package provides a tool for converting virtual machines to use...

6.5CVSS6.6AI score0.00875EPSS
Exploits0
OSV
OSV
added 2022/11/08 6:20 a.m.23 views

RLSA-2022:7470 Important: pki-core:10.6 and pki-deps:10.6 security and bug fix update

The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 For more details about the security issues, including the...

7.5CVSS6.7AI score0.85323EPSS
Exploits3References4
OSV
OSV
added 2022/11/02 1:54 p.m.21 views

RLSA-2022:7326 Important: pki-core security update

The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 For more details about the security issues, including the...

7.5CVSS6.8AI score0.85323EPSS
Exploits3References2
Rockylinux
Rockylinux
added 2022/08/02 7:6 a.m.11 views

insights-client bug fix and enhancement update

An update is available for insights-client. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Insights is a service that...

1.9AI score
Exploits0
Rockylinux
Rockylinux
added 2022/07/05 1:55 p.m.69 views

Satellite 6.11 Release

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool for...

9.8CVSS8.7AI score0.49246EPSS
Exploits14
Rockylinux
Rockylinux
added 2022/05/17 8:15 a.m.10 views

new packages: units

An update is available for units. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

2AI score
Exploits0
Rows per page
Query Builder