85 matches found
Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1696)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1696 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1651)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1651 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of t...
@restura/core (>=0.1.0-alpha.12 <=2.0.3), @restura/logger (=1.0.1) +42 more potentially affected by CVE-2023-26132 +1 more via dottie (>=2.0.4 <=2.0.6)
dottie NPM version =2.0.4, =0.1.0-alpha.12, =1.3.53, =1.0.25, =1.0.25, =1.0.25, =1.0.25, =1.0.25, =1.0.21, =1.0.25, =1.0.25, =1.0.25, =1.3.44, =1.3.53, =1.3.35, =1.6.13-alpha.7 and more Source cves: CVE-2023-26132, CVE-2026-27837 Source advisory: SNYK:JS-DOTTIE-15360180...
MiracleLinux 9 : containernetworking-plugins-1.3.0-4.el9 (AXSA:2023-6651:02)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6651:02 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPA...
MiracleLinux 9 : device-mapper-multipath-0.8.7-20.el9 (AXSA:2023-5420:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5420:04 advisory. device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 Tenable has extracted the preceding...
MiracleLinux 9 : LibRaw-0.20.2-6.el9 (AXSA:2023-6676:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6676:01 advisory. LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 Tenable has extracted the preceding description bloc...
MiracleLinux 9 : java-11-openjdk-11.0.18.0.10-2.el9 (AXSA:2023-5032:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5032:05 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...
MiracleLinux 9 : java-11-openjdk-11.0.21.0.9-2.el9.ML.1 (AXSA:2023-6542:22)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6542:22 advisory. OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 Tenable has extracted the preceding description block directly...
MiracleLinux 9 : curl-7.76.1-19.el9.2 (AXSA:2023-5290:06)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5290:06 advisory. curl: HTTP multi-header compression denial of service CVE-2023-23916 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : ghostscript-9.54.0-14.el9 (AXSA:2023-7027:06)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7027:06 advisory. Ghostscript: GhostPDL can lead to remote code execution via crafted PostScript documents CVE-2023-43115 Tenable has extracted the preceding...
MiracleLinux 9 : podman-4.6.1-5.el9 (AXSA:2023-6760:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6760:07 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPA...
MiracleLinux 9 : thunderbird-115.4.1-1.el9.ML.1 (AXSA:2023-6564:30)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6564:30 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...
MiracleLinux 8 : thunderbird-102.14.0-1.el8.ML.1 (AXSA:2023-6346:23)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6346:23 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...
MiracleLinux 7 : firefox-102.12.0-1.0.1.el7.AXS7 (AXSA:2023-6069:20)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6069:20 advisory. Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR...
MiracleLinux 9 : libXpm-3.5.13-8.el9 (AXSA:2023-5006:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5006:03 advisory. libXpm: compression commands depend on $PATH CVE-2022-4883 libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 libXpm: Infinite lo...
MiracleLinux 9 : pcs-0.11.3-4.el9.2.ML.1 (AXSA:2023-5189:06)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5189:06 advisory. sinatra: Reflected File Download attack CVE-2022-45442 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 9 : cups-2.3.3op2-16.el9.1 (AXSA:2023-6372:08)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6372:08 advisory. cups: Information leak through Cups-Get-Document operation CVE-2023-32360 Tenable has extracted the preceding description block directly from the MiracleLinu...
MiracleLinux 9 : dotnet7.0-7.0.113-1.el9.ML.1 (AXSA:2023-6563:30)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6563:30 advisory. dotnet: Denial of Service with Client Certificates using .NET Kestrel CVE-2023-36799 Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : qemu-kvm-8.0.0-16.el9.1.ML.1 (AXSA:2023-7001:07)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7001:07 advisory. QEMU: hcd-ehci: DMA reentrancy issue incomplete fix for CVE-2021-3750 CVE-2023-2680 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : tomcat-9.0.62-5.el8.2 (AXSA:2023-6527:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6527:03 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...