6249 matches found
EulerOS Virtualization 2.9.1 : openssh (EulerOS-SA-2024-1460)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
EulerOS Virtualization 2.11.0 : python-urllib3 (EulerOS-SA-2024-1435)
According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...
EulerOS Virtualization 2.9.0 : mozjs60 (EulerOS-SA-2024-1473)
According to the versions of the mozjs60 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an...
EulerOS Virtualization 2.11.0 : python3 (EulerOS-SA-2024-1434)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It...
EulerOS Virtualization 2.11.1 : nghttp2 (EulerOS-SA-2024-1405)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...
EulerOS Virtualization 2.9.1 : shim (EulerOS-SA-2024-1462)
According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow...
EulerOS Virtualization 2.11.0 : bind (EulerOS-SA-2024-1423)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion...
EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2024-1387)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very...
EulerOS Virtualization 2.10.1 : glibc (EulerOS-SA-2024-1357)
According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulti...
EulerOS Virtualization 2.10.0 : python-urllib3 (EulerOS-SA-2024-1390)
According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...
EulerOS 2.0 SP11 : docker-runc (EulerOS-SA-2024-1234)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...
EulerOS 2.0 SP11 : sudo (EulerOS-SA-2024-1229)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on...
EulerOS 2.0 SP8 : python-mako (EulerOS-SA-2024-1294)
According to the versions of the python-mako packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects...
EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2024-1270)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS...
EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1236)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...
EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1214)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...
EulerOS 2.0 SP8 : golang (EulerOS-SA-2024-1269)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...
EulerOS 2.0 SP8 : binutils (EulerOS-SA-2024-1257)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Heap-based Buffer Overflow in function bfdgetl32 in Binutils objdump 3.37. CVE-2021-46174 - GNU Binutils before 2.40 was discovered to contain...
EulerOS 2.0 SP8 : php (EulerOS-SA-2024-1288)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track...
EulerOS 2.0 SP8 : linux-firmware (EulerOS-SA-2024-1284)
According to the versions of the linux-firmware packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Improper access control for some IntelR PROSet/Wireless WiFi and KillerTM WiFi software may allow a privileged user to potentially enabl...