125 matches found
CVE-2026-33056 affecting package rpm-ostree for versions less than 2024.4-10
CVE-2026-33056 affecting package rpm-ostree for versions less than 2024.4-10. A patched version of the package is available...
CVE-2026-33055 affecting package rpm-ostree for versions less than 2024.4-10
CVE-2026-33055 affecting package rpm-ostree for versions less than 2024.4-10. A patched version of the package is available...
CVE-2026-25541 affecting package rpm-ostree for versions less than 2024.4-8
CVE-2026-25541 affecting package rpm-ostree for versions less than 2024.4-8. A patched version of the package is available...
CVE-2025-58160 affecting package rpm-ostree for versions less than 2024.4-8
CVE-2025-58160 affecting package rpm-ostree for versions less than 2024.4-8. A patched version of the package is available...
CVE-2025-58160 affecting package rpm-ostree for versions less than 2022.1-8
CVE-2025-58160 affecting package rpm-ostree for versions less than 2022.1-8. A patched version of the package is available...
AZL-76715 CVE-2026-25541 affecting package rpm-ostree 2024.4-6
Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...
Azure Linux 3.0 Security Update: rpm-ostree (CVE-2021-32714)
The version of rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-32714 advisory. - hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had...
Azure Linux 3.0 Security Update: rpm-ostree (CVE-2021-32715)
The version of rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-32715 advisory. - hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and...
Azure Linux 3.0 Security Update: rpm-ostree (CVE-2024-2905)
The version of rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2905 advisory. - A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in...
Azure Linux 3.0 Security Update: rpm-ostree (CVE-2021-45707)
The version of rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-45707 advisory. - An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22....
MiracleLinux 9 : rpm-ostree-2024.3-3.el9_4 (AXSA:2024-8423:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8423:04 advisory. rpm-ostree: world-readable /etc/shadow file 9.4.z JIRA:RHEL-31852 CVE-2024-2905 A security vulnerability has been discovered within rpm-ostree, pertaining to...
MiracleLinux 9 : rpm-ostree-2025.5-1.el9 (AXSA:2025-10337:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10337:01 advisory. rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 Tenable has extracted the preceding description block directly from the...
EUVD-2017-11784
Malware in sbrugna...
EUVD-2025-6496
Malicious code in bioql PyPI...
EUVD-2024-27849
Malicious code in bioql PyPI...
AZL-73244 CVE-2025-58160 affecting package rpm-ostree for versions less than 2022.1-8
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-73217 CVE-2025-58160 affecting package rpm-ostree 2024.4-6
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AlmaLinux 9 : rpm-ostree (ALSA-2025:7147)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7147 advisory. rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 Tenable has extracted the preceding description block directly from the AlmaLinux...
RHBA-2025:4872 Red Hat Bug Fix Advisory: rpm-ostree bug fix and enhancement update
Bulletin has no description...
CVE-2024-2905 affecting package rpm-ostree for versions less than 2024.4-3
CVE-2024-2905 affecting package rpm-ostree for versions less than 2024.4-3. A patched version of the package is available...