Test ID:	1.3.6.1.4.1.25623.1.1.13.2024.051.02
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2024-051-02)
Summary:	The remote host is missing an update for the 'libuv' package(s) announced via the SSA:2024-051-02 advisory.
Description:	Summary: The remote host is missing an update for the 'libuv' package(s) announced via the SSA:2024-051-02 advisory. Vulnerability Insight: New libuv packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libuv-1.48.0-i586-1_slack15.0.txz: Upgraded. This update fixes a server-side request forgery (SSRF) flaw. Thanks to alex2grad for the heads-up. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'libuv' package(s) on Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-24806 https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629 https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70 https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488 https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39 https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html http://www.openwall.com/lists/oss-security/2024/02/08/2 http://www.openwall.com/lists/oss-security/2024/02/11/1 http://www.openwall.com/lists/oss-security/2024/03/11/1
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.