[R1] Nessus 8.3.0 Fixes Multiple Third-party Vulnerabilities

2019-03-26T17:40:07
ID TENABLE:24FC3FF3269C3ABBD931E5BAA1AF4524
Type tenable
Reporter Arnie Cabral
Modified 2019-03-26T17:40:07

Description

Nessus leverages third-party software to help provide underlying functionality. Two separate third-party components (OpenSSL and Moment.js) were found to contain vulnerabilities, and updated versions have been made available by the providers.

Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of these issues in Nessus. Nessus 8.3.0 updates OpenSSL to version 1.0.2r and Moment.js to 2.19.3 to address the identified vulnerabilities.