The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5867-1 advisory.

– * Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard to avoid audio/video desynchronization, among other fixes. * Disable HLS media playback by default, which makes web sites use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can be set in the environment to enable it back. * Disable threaded rendering in GTK4 builds by default, as it was causing crashes. * Fix MediaSession API not showing artwork images. * Fix MediaSession MPRIS usage when running inside a Flatpak sandbox. * Fix input element controls to correctly scale when applying a zoom factor different than the default. * Fix leakage of Web processes in certain situations. * Fix several crashes and rendering issues. * Security fixes:
CVE-2023-23517, CVE-2023-23518, CVE-2022-42826, and many additional security issues (CVE-2022-42826)

– The issue was addressed with improved memory handling. (CVE-2023-23517, CVE-2023-23518)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More