The following 5 security vulnerabilities were found in Gemini Central 3.1 based on our scan run on February 13th, 2023. Related fixes are scheduled to be available in our next release.
CentOS 7 : sssd (CESA-2023:0403) - High
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters (CVE-2022-4254)
CentOS 7 : kernel (CESA-2023:0399) - High
- hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
- kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
- https://www.tenable.com/plugins/nessus/170875
CentOS 7 : sudo (CESA-2023:0291) - High
- sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809)
- https://www.tenable.com/plugins/nessus/170859
CentOS 7 : bind (CESA-2023:0402) - Medium
- bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)
- bind: processing large delegations may severely degrade resolver performance (CVE-2022-2795)
- https://www.tenable.com/plugins/nessus/170860
CentOS 7 : java-11-openjdk (CESA-2023:0195) - Low
- OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835)
- OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)
- https://www.tenable.com/plugins/nessus/170861
Did you find it helpful? Yes No
Send feedback