The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2597-1 advisory. – CVE-2024-36387: Fixed DoS by null pointer in websocket over HTTP/2 (bsc#1227272) – CVE-2024-38475: Fixed improper escaping of output in mod_rewrite (bsc#1227268) – CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269) Tenable has extracted the preceding description block directly from the SUSE security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…Read More