Fedora: Security Advisory (FEDORA-2025-99309ef35f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-d8a379a267)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-61750 CVE-2025-22872 affecting package yq 4.45.1-1

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

Fedora: Security Advisory (FEDORA-2025-93d6242840)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : yq (2025-93d6242840)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-93d6242840 advisory. Rebuilt against golang-x-net 0.33.0 for CVE-2024-45338 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora 41 : yq (2025-cd51e0177b)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cd51e0177b advisory. Rebuilt against golang-x-net 0.33.0 for CVE-2024-45338 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

OPENSUSE-SU-2025:14639-1 yq-4.44.6-1.1 on GA media

These are all security issues fixed in the yq-4.44.6-1.1 package on the GA media of openSUSE Tumbleweed...

Security Bulletin: IBM Cloud Pak for Data Scheduling contains a vulnerable yq package. [CVE-2023-39320, CVE-2023-39321 and CVE-2023-39322]

Summary Yq is used by IBM Cloud Pak for Data Scheduling as part of the Ansible operator used for installation of the Scheduler. This bulletin identifies the steps to take to address the below vulnerabilities. Vulnerability Details CVEID:CVE-2023-39320 DESCRIPTION: Golang Go could allow a remote...

openSUSE: Security Advisory for yq (SUSE-SU-2023:4000-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...