The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3341-1 advisory. – CVE-2021-25743: escape, meta and control sequences in raw data output to terminal not neutralized. (bsc#1194400) – CVE-2023-2727: bypass of policies imposed by the ImagePolicyWebhook admission plugin. (bsc#1211630) – CVE-2023-2728: bypass of the mountable secrets policy enforced by the ServiceAccount admission plugin. (bsc#1211631) – CVE-2023-39325: go1.20: excessive resource consumption when dealing with rapid stream resets. (bsc#1229869) – CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) – CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) – CVE-2024-0793: kube-controller-manager pod crash when processing malformed HPA v1 manifests. (bsc#1219964) – CVE-2024-3177: bypass of the mountable secrets policy enforced by the ServiceAccount admission plugin. (bsc#1222539) – CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: – Use -trimpath in non-DBG mode for reproducible builds. (bsc#1062303) – Fix multiple issues for successful `kubeadm init` run. (bsc#1214406) – Update go to version 1.22.5 in build requirements. (bsc#1229858) Tenable has extracted the preceding description block directly from the SUSE security advisory. Note…Read More