MiracleLinux 8 : grafana-pcp-5.1.1-2.el8_9.ML.1 (AXSA:2024-7661:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7661:02 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Bug Fixes: TRIAGE CVE-2024-1394 grafana-pcp:...

TencentOS Server 3: grafana-pcp (TSSA-2024:0101)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0101 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0082: go-toolset:an8 (ALINUX3-SA-2024:0082)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0082 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-1394: A memory leak flaw was found in Gola...

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

Debian: Security Advisory (DLA-593-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2016-0290 Updated nettle/nettle2.7 packages fix security vulnerability

The cryptographic library nettle had a potential information leak problem reported. RSA code is vulnerable to cache sharing related attacks CVE-2016-6489...

[SECURITY] [DLA 593-1] nettle security update

Package : nettle Version : 2.4-3+deb7u1 CVE ID : CVE-2016-6489 Debian Bug : 832983 The cryptographic library nettle had a potential information leak problem reported. CVE-2016-6489 RSA code is vulnerable to cache sharing related attacks. For Debian 7 "Wheezy", this problems has been fixed in...

Nettle RSA Code Local Information Disclosure Vulnerability

Nettle is a library of basic cryptographic functions. A local information disclosure vulnerability exists in Nettle RSA Code, which can be exploited by a local attacker to obtain sensitive information...

[SECURITY] New version of gnupg installed

Package: gnupg Debian-specific: no The version of gnupg that was distributed in Debian GNU/Linux 2.2 had a logic error in the code that checks for valid signatures which could cause false positive results: Jim Small discovered that if the input contained multiple signed sections the exit-code gnu...