EulerOS Virtualization 2.11.1 : gnutls (EulerOS-SA-2024-2167)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems lik...

EulerOS Virtualization 2.11.0 : gnutls (EulerOS-SA-2024-2192)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems lik...

EulerOS Virtualization 2.11.1 : openssl (EulerOS-SA-2024-2160)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Use After Free with SSLfreebuffersCVE-2024-4741 Issue summary: Some non-default TLS server configurations can cause unbounded memo...

EulerOS Virtualization 2.11.1 : python-pip (EulerOS-SA-2024-2161)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any...

EulerOS Virtualization 2.11.0 : util-linux (EulerOS-SA-2024-2204)

According to the versions of the util-linux package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An attacker with the ability to modify physical memory can control the value of AcpiS3ResumeRecord- ResumeCount. If the attacker...

EulerOS Virtualization 2.11.1 : libtiff (EulerOS-SA-2024-2157)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:780...

EulerOS Virtualization 2.11.0 : less (EulerOS-SA-2024-2180)

According to the versions of the less package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename....

EulerOS Virtualization 2.11.1 : tpm2-tss (EulerOS-SA-2024-2163)

According to the versions of the tpm2-tss package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : This repository hosts source code implementing the Trusted Computing Group's TCG TPM2 Software Stack TSS. The JSON Quote Info...

EulerOS Virtualization 2.11.0 : nghttp2 (EulerOS-SA-2024-2197)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps...

EulerOS Virtualization 2.11.0 : llvm (EulerOS-SA-2024-2195)

According to the versions of the llvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata function via a crafted pdflatex.fmt file or perhaps a crafted .o...

EulerOS Virtualization 2.11.1 : openssh (EulerOS-SA-2024-2159)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A signal handler race condition was found in OpenSSH's server sshd, where a client does not authenticate within LoginGraceTime...

EulerOS Virtualization 2.11.1 : libvirt (EulerOS-SA-2024-2175)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces exceeds the...

EulerOS Virtualization 2.11.1 : python3 (EulerOS-SA-2024-2172)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18...

EulerOS Virtualization 2.11.1 : libarchive (EulerOS-SA-2024-2156)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Windows Libarchive Remote Code Execution VulnerabilityCVE-2024-20696 Tenable has extracted the preceding description block...

EulerOS Virtualization 2.11.1 : systemd (EulerOS-SA-2024-2162)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denia...

EulerOS Virtualization 2.11.1 : expat (EulerOS-SA-2024-2166)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers created via...

EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2024-2164)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the...

EulerOS Virtualization 2.11.1 : emacs (EulerOS-SA-2024-2165)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.CVE-2024-30205 I...

EulerOS Virtualization 2.11.1 : httpd (EulerOS-SA-2024-2168)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 respons...

EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-2178)

"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while...