ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0079
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0079)
Resumen:	The remote host is missing an update for the 'libuv' package(s) announced via the MGASA-2024-0079 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libuv' package(s) announced via the MGASA-2024-0079 advisory. Vulnerability Insight: It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks. (CVE-2024-24806) Affected Software/OS: 'libuv' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-24806 https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629 https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70 https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488 https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39 https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html http://www.openwall.com/lists/oss-security/2024/02/08/2 http://www.openwall.com/lists/oss-security/2024/02/11/1 http://www.openwall.com/lists/oss-security/2024/03/11/1
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.