 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.856630 |
| Categoría: | openSUSE Local Security Checks |
| Título: | openSUSE Security Advisory (SUSE-SU-2024:3771-1) |
| Resumen: | The remote host is missing an update for the 'pgadmin4' package(s) announced via the SUSE-SU-2024:3771-1 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'pgadmin4' package(s) announced via the SUSE-SU-2024:3771-1 advisory. Vulnerability Insight: This update for pgadmin4 fixes the following issues: - CVE-2024-38355: Fixed socket.io: unhandled 'error' event (bsc#1226967) - CVE-2024-38998: Fixed requirejs: prototype pollution via function config (bsc#1227248) - CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts._.configure (bsc#1227252) - CVE-2024-39338: Fixed axios: server-side request forgery due to requests for path relative URLs being processed as protocol relative URLs in axios (bsc#1229423) - CVE-2024-4067: Fixed micromatch: vulnerable to Regular Expression Denial of Service (ReDoS) (bsc#1224366) - CVE-2024-4068: Fixed braces: fails to limit the number of characters it can handle, which could lead to Memory Exhaustion (bsc#1224295) - CVE-2024-43788: Fixed webpack: DOM clobbering gadget in AutoPublicPathRuntimeModule could lead to XSS (bsc#1229861) - CVE-2024-48948: Fixed elliptic: ECDSA signature verification error due to leading zero may reject legitimate transactions in elliptic (bsc#1231684) - CVE-2024-48949: Fixed elliptic: Missing Validation in Elliptic's EDDSA Signature Verification (bsc#1231564) - CVE-2024-9014: Fixed OAuth2 issue that could lead to information leak (bsc#1230928) Affected Software/OS: 'pgadmin4' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 9.4 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-38355 https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115 https://github.com/socketio/socket.io/commit/d30630ba10562bf987f4d2b42440fc41a828119c https://github.com/socketio/socket.io/security/advisories/GHSA-25hc-qcg6-38wj Common Vulnerability Exposure (CVE) ID: CVE-2024-38998 Common Vulnerability Exposure (CVE) ID: CVE-2024-38999 Common Vulnerability Exposure (CVE) ID: CVE-2024-39338 Common Vulnerability Exposure (CVE) ID: CVE-2024-4067 https://devhub.checkmarx.com/cve-details/CVE-2024-4067/ https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448 https://github.com/micromatch/micromatch/issues/243 https://github.com/micromatch/micromatch/pull/247 Common Vulnerability Exposure (CVE) ID: CVE-2024-4068 https://devhub.checkmarx.com/cve-details/CVE-2024-4068/ https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff https://github.com/micromatch/braces/issues/35 https://github.com/micromatch/braces/pull/37 https://github.com/micromatch/braces/pull/40 Common Vulnerability Exposure (CVE) ID: CVE-2024-43788 Common Vulnerability Exposure (CVE) ID: CVE-2024-48948 Common Vulnerability Exposure (CVE) ID: CVE-2024-48949 Common Vulnerability Exposure (CVE) ID: CVE-2024-9014 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |