Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2024.0079
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2024-0079)
Zusammenfassung:	The remote host is missing an update for the 'libuv' package(s) announced via the MGASA-2024-0079 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libuv' package(s) announced via the MGASA-2024-0079 advisory. Vulnerability Insight: It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks. (CVE-2024-24806) Affected Software/OS: 'libuv' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2024-24806 https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629 https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70 https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488 https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39 https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html http://www.openwall.com/lists/oss-security/2024/02/08/2 http://www.openwall.com/lists/oss-security/2024/02/11/1 http://www.openwall.com/lists/oss-security/2024/03/11/1
Copyright	Copyright (C) 2024 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.