EulerOS 2.0 SP9 : openssh (EulerOS-SA-2026-1009)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent...

EulerOS 2.0 SP9 : libtheora (EulerOS-SA-2025-2131)

According to the versions of the libtheora packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ochufftreeunpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2025-1039)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of...

EulerOS 2.0 SP9 : busybox (EulerOS-SA-2025-1052)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate...

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2025-1059)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822...

EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2025-1062)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2025-1041)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2025-1038)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2025-1040)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : rtnetlink: Correct nested IFLAVFVLANLIST attribute validationCVE-2024-36017 netfilter: nftables: Fix potential data-race in...

EulerOS 2.0 SP9 : OpenIPMI (EulerOS-SA-2024-2817)

According to the versions of the OpenIPMI packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenIPMI before 2.0.36 has an out-of-bounds array access for authentication type in the ipmisim simulator, resulting in denial of service or wit...

EulerOS 2.0 SP9 : golang (EulerOS-SA-2024-2813)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an 'Expect: 100-continue' header with a non-information...

EulerOS 2.0 SP9 : golang (EulerOS-SA-2024-2830)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an 'Expect: 100-continue' header with a non-information...

EulerOS 2.0 SP9 : OpenIPMI (EulerOS-SA-2024-2834)

According to the versions of the OpenIPMI packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenIPMI before 2.0.36 has an out-of-bounds array access for authentication type in the ipmisim simulator, resulting in denial of service or wit...

EulerOS 2.0 SP9 : unbound (EulerOS-SA-2024-2822)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A NULL pointer dereference flaw was found in the ubctxsetfwd function in Unbound. This issue could allow an attacker who can invoke specific...

EulerOS 2.0 SP9 : gdk-pixbuf2 (EulerOS-SA-2024-2828)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk ...

EulerOS 2.0 SP9 : expat (EulerOS-SA-2024-2827)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time.CVE-2023-52426 An issue was discovered in libexp...

EulerOS 2.0 SP9 : vim (EulerOS-SA-2024-2841)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack...

EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2821)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an...

EulerOS 2.0 SP9 : busybox (EulerOS-SA-2024-2383)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was discovered in xasprintf function in xfuncsprintf.c:344 in BusyBox v.1.36.1.CVE-2023-42363 Tenable has extracted...

EulerOS 2.0 SP9 : wget (EulerOS-SA-2024-2382)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data...