CVE-2026-34743 affecting package xz for versions less than 5.4.4-3

CVE-2026-34743 affecting package xz for versions less than 5.4.4-3. A patched version of the package is available...

Photon OS 5.0: Xz PHSA-2026-5.0-0830

An update of the xz package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0830. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid310101...

Mageia: Security Advisory (MGASA-2026-0084)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2026-090-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 8 : xz-5.2.4-4.el8 (AXSA:2022-3662:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3662:02 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 9 : xz-5.2.5-8.el9 (AXSA:2022-3977:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3977:03 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 7 : xz-5.2.2-2.el7 (AXSA:2022-3278:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3278:01 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

Linux Distros Unpatched Vulnerability : CVE-2025-58058

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte...

CVE-2025-58058

A memory leak flaw has been discovered in the golang github.com/ulikunitz/xz package. In affected versions, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the curren...

AZL-66750 CVE-2025-58058 affecting package terraform for versions less than 1.3.2-27

xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...

ROOT-OS-ALPINE-319-CVE-2024-47611 CVE-2024-47611 in rootio-xz - Patched by Root

Root has patched CVE-2024-47611 in the rootio-xz package for Root:Alpine:3.19. Multiple fixed versions available...

RHEL 10 : xz (RHSA-2025:7524)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7524 advisory. XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv- Markov chain algorithm LZMA, which performs...

SUSE: Security Advisory (SUSE-SU-2025:1137-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-7f00e5e744)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-4871b31998)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : perl-Compress-Raw-Lzma / xz (2025-051becf4f2)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-051becf4f2 advisory. xz 5.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but...

Fedora 40 : perl-Compress-Raw-Lzma / xz (2025-4871b31998)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-4871b31998 advisory. xz 5.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but...

CVE-2025-31115 affecting package xz for versions less than 5.4.4-2

CVE-2025-31115 affecting package xz for versions less than 5.4.4-2. A patched version of the package is available...

Mageia: Security Advisory (MGASA-2025-0131)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:1137-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...