Site icon API Security Blog

AlmaLinux 8 : fence-agents (ALSA-2024:6309)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6309 advisory. * urllib3: proxy-authorization request header is not stripped during cross-origin redirects (CVE-2024-37891) * pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345) Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…Read More

Exit mobile version