EulerOS Virtualization 2.12.0 : openssh (EulerOS-SA-2024-2333)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without...

EulerOS Virtualization 2.12.0 : expat (EulerOS-SA-2024-2324)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers created via...

EulerOS Virtualization 2.12.0 : less (EulerOS-SA-2024-2329)

According to the versions of the less package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename....

EulerOS Virtualization 2.12.1 : openssh (EulerOS-SA-2024-2313)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without...

EulerOS Virtualization 2.12.0 : gnutls (EulerOS-SA-2024-2326)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem...

EulerOS Virtualization 2.12.1 : gnutls (EulerOS-SA-2024-2306)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem...

EulerOS Virtualization 2.12.0 : tpm2-tss (EulerOS-SA-2024-2339)

According to the versions of the tpm2-tss package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : This repository hosts source code implementing the Trusted Computing Group's TCG TPM2 Software Stack TSS. The JSON Quote Info...

EulerOS Virtualization 2.12.0 : nghttp2 (EulerOS-SA-2024-2332)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps...

EulerOS Virtualization 2.12.0 : sssd (EulerOS-SA-2024-2337)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to...

EulerOS Virtualization 2.12.0 : python-pillow (EulerOS-SA-2024-2336)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219...

EulerOS Virtualization 2.12.0 : mod_http2 (EulerOS-SA-2024-2331)

According to the versions of the modhttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...

EulerOS Virtualization 2.12.1 : mod_http2 (EulerOS-SA-2024-2311)

According to the versions of the modhttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...

EulerOS Virtualization 2.12.0 : httpd (EulerOS-SA-2024-2327)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into...

EulerOS Virtualization 2.12.1 : httpd (EulerOS-SA-2024-2307)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into...

EulerOS Virtualization 2.12.0 : util-linux (EulerOS-SA-2024-2340)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users...

EulerOS Virtualization 2.12.0 : libyaml (EulerOS-SA-2024-2330)

According to the versions of the libyaml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function...

EulerOS Virtualization 2.12.1 : glibc (EulerOS-SA-2024-2305)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when...

EulerOS Virtualization 2.12.1 : util-linux (EulerOS-SA-2024-2320)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users...

EulerOS Virtualization 2.12.1 : sssd (EulerOS-SA-2024-2317)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to...

EulerOS Virtualization 2.12.0 : systemd (EulerOS-SA-2024-2338)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cau...