RHEL 7 : CloudForms 4.7.5 (RHSA-2019:1429)
Discription

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1429 advisory. rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320) rubygems: Escape sequence injection vulnerability in verbose (CVE-2019-8321) rubygems: Escape sequence injection vulnerability in gem owner (CVE-2019-8322) rubygems: Escape sequence injection vulnerability in API response handling (CVE-2019-8323) rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324) rubygems: Escape sequence injection vulnerability in errors (CVE-2019-8325) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…Read More

Back to Main

Subscribe for the latest news: