RHEL 9 : fence-agents (RHSA-2024:2132)
Discription

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2132 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET (CVE-2023-45803) pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex (CVE-2023-52323) jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…Read More

Back to Main

Subscribe for the latest news: