API Security Blog

openSUSE 15 Security Update : python3 (SUSE-SU-2024:3470-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3470-1 advisory.

- CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module (bsc#1228780).
- CVE-2024-5642: Fixed buffer overread when NPN is used and invalid values are sent to the OpenSSL API (bsc#1227233).
- CVE-2024-7592: Fixed Email header injection due to unquoted newlines (bsc#1229596).
- CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227)

Bug fixes:

- %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999).
- Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378).
- Remove %suse_update_desktop_file macro as it is not useful any more.

Tenable has extracted the preceding description block directly from the SUSE security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…
