<!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><title>MarinerOS Local Security Checks Plugins<!-- --> | Tenable®</title><meta name="description" content="Listing all plugins in the MarinerOS Local Security Checks family"/><meta property="og:title" content="MarinerOS Local Security Checks Plugins"/><meta property="og:description" content="Listing all plugins in the MarinerOS Local Security Checks family"/><meta name="twitter:title" content="MarinerOS Local Security Checks Plugins"/><meta name="twitter:description" content="Listing all plugins in the MarinerOS Local Security Checks family"/><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="apple-touch-icon" sizes="180x180" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/apple-touch-icon-180x180.png"/><link rel="manifest" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/manifest.json"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/favicon.ico" sizes="any"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/tenable-favicon.svg" type="image/svg+xml"/><meta name="msapplication-config" content="https://www.tenable.com/themes/custom/tenable/images-new/favicons/browserconfig.xml"/><meta name="theme-color" content="#ffffff"/><link rel="canonical" href="https://www.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="x-default" href="https://www.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="en" href="https://www.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="de" href="https://de.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="es" href="https://es-la.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="fr" href="https://fr.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="ja" href="https://jp.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="ko" href="https://kr.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="zh-CN" href="https://www.tenablecloud.cn/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><link rel="alternate" hrefLang="zh-TW" href="https://zh-tw.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks"/><meta name="next-head-count" content="25"/><script type="text/javascript">window.NREUM||(NREUM={});NREUM.info = {"agent":"","beacon":"bam.nr-data.net","errorBeacon":"bam.nr-data.net","licenseKey":"5febff3e0e","applicationID":"96358297","agentToken":null,"applicationTime":82.980377,"transactionName":"MVBabEEHChVXU0IIXggab11RIBYHW1VBDkMNYEpRHCgBHkJaRU52I2EXF0MKEQFfXkVOahJMSF1uSQIHW1laCFQVGmNeUgsNCk9t","queueTime":0,"ttGuid":"f3bc7edeeecc7465"}; (window.NREUM||(NREUM={})).init={ajax:{deny_list:["bam.nr-data.net"]}};(window.NREUM||(NREUM={})).loader_config={licenseKey:"5febff3e0e",applicationID:"96358297"};;/*! For license information please see nr-loader-rum-1.283.2.min.js.LICENSE.txt */ (()=>{var e,t,r={122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},217:(e,t,r)=>{"use strict";r.d(t,{D0:()=>m,gD:()=>v,xN:()=>h});r(860).K7.genericEvents;const n="experimental.marks",i="experimental.measures",o="experimental.resources",a=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var s=r(614),c=r(944),u=r(384),l=r(122);const d="[data-nr-mask]",f=()=>{const e={feature_flags:[],experimental:{marks:!1,measures:!1,resources:!1},mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},get feature_flags(){return e.feature_flags},set feature_flags(t){e.feature_flags=t},generic_events:{enabled:!0,autoStart:!0},harvest:{interval:30},jserrors:{enabled:!0,autoStart:!0},logging:{enabled:!0,autoStart:!0},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,autoStart:!0},performance:{get capture_marks(){return e.feature_flags.includes(n)||e.experimental.marks},set capture_marks(t){e.experimental.marks=t},get capture_measures(){return e.feature_flags.includes(i)||e.experimental.measures},set capture_measures(t){e.experimental.measures=t},capture_detail:!0,resources:{get enabled(){return e.feature_flags.includes(o)||e.experimental.resources},set enabled(t){e.experimental.resources=t},asset_types:[],first_party_domains:[],ignore_newrelic:!0}},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:s.wk,inactiveMs:s.BB},session_replay:{autoStart:!0,enabled:!1,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){a(t)?e.mask_selector="".concat(t,",").concat(d):""===t||null===t?e.mask_selector=d:(0,c.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){a(t)?e.block_selector+=",".concat(t):""!==t&&(0,c.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,c.R)(7,t)}},session_trace:{enabled:!0,autoStart:!0},soft_navigations:{enabled:!0,autoStart:!0},spa:{enabled:!0,autoStart:!0},ssl:void 0,user_actions:{enabled:!0,elementAttributes:["id","className","tagName","type"]}}},g={},p="All configuration objects require an agent identifier!";function m(e){if(!e)throw new Error(p);if(!g[e])throw new Error("Configuration for ".concat(e," was never set"));return g[e]}function h(e,t){if(!e)throw new Error(p);g[e]=(0,l.a)(t,f());const r=(0,u.nY)(e);r&&(r.init=g[e])}function v(e,t){if(!e)throw new Error(p);var r=m(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>d});var n=r(122),i=r(384),o=r(154),a=r(324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0,harvester:void 0},l={};function d(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!l[e])throw new Error("Runtime for ".concat(e," was never set"));return l[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");l[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(l[e],"harvestCount")||Object.defineProperty(l[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=l[e])}},324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,xv:()=>n});const n="1.283.2",i="PROD",o="CDN"},154:(e,t,r)=>{"use strict";r.d(t,{OF:()=>c,RI:()=>i,WN:()=>l,bv:()=>o,gm:()=>a,mw:()=>s,sb:()=>u});var n=r(863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s=Boolean("hidden"===a?.document?.visibilityState),c=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),u=c&&"undefined"==typeof SharedWorker,l=((()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);Array.isArray(e)&&e.length>=2&&e[1]})(),Date.now()-(0,n.t)())},687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>d,x3:()=>u});var n=r(836),i=r(606),o=r(860),a=r(646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};l(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),g(e,t,!1),s[e].size&&f(e))}function l(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function d(e="",t="feature",r=!1){if(l(e),!e||!s[e].get(t)||r)return g(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),g(e,t)})))}function g(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(990),o=r(371),a=r(646),s=r(607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},l={},d=!1;try{d=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=g(n),c=m(e),l=c.length,d=0;d<l;d++)c[d].apply(a,r);var p=v()[s[e]];p&&p.push([f,e,r,a]);return a},get:h,listeners:m,context:g,buffer:function(e,t){const r=v();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!v()[s[e]]},debugId:r,backlog:d?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:d};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function g(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=m(e).concat(t)}function m(e){return n[e]||[]}function h(t){return l[t]=l[t]||e(f,t)}function v(){return f.backlog}}(void 0,"globalEE"),l=(0,n.Zm)();l.ee||(l.ee=u)},646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(566).bz)()},566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,bz:()=>a});var n=r(154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}},614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(836),i=r(154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>l,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>d});var n=r(154),i=r(863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function l(e,t){a()[e]=t}function d(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},434:(e,t,r)=>{"use strict";r.d(t,{Jt:()=>o,YM:()=>c});var n=r(836),i=r(607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];l(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return l(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,l,d;try{a=this,o=[...arguments],l="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],l],e)}i(r+"start",[o,a,s],l,c);try{return d=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],l,c),e}finally{i(r+"end",[o,a,d],l,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function l(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},993:(e,t,r)=>{"use strict";r.d(t,{A$:()=>o,ET:()=>a,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o={OFF:0,ERROR:1,WARN:2,INFO:3,DEBUG:4,TRACE:5},a="log";n.K7.logging},773:(e,t,r)=>{"use strict";r.d(t,{z_:()=>o,XG:()=>s,TZ:()=>n,rs:()=>i,xV:()=>a});r(154),r(566),r(384);const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},344:(e,t,r)=>{"use strict";r.d(t,{G4:()=>i});var n=r(614);r(860).K7.sessionReplay;const i={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"};n.g.ERROR,n.g.FULL,n.g.OFF},234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(836),i=r(687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},603:(e,t,r)=>{"use strict";r.d(t,{j:()=>K});var n=r(860),i=r(555),o=r(371),a=r(908),s=r(836),c=r(687),u=r(289),l=r(154),d=r(944),f=r(773),g=r(384),p=r(344);const m=["setErrorHandler","finished","addToTrace","addRelease","recordCustomEvent","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],h=["setErrorHandler","finished","addToTrace","addRelease"];var v=r(863),b=r(614),y=r(993);var w=r(646),R=r(434);const A=new Map;function E(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,d.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,R.YM)(i),a=new w.y(s.P);a.level=n.level,a.customAttributes=n.customAttributes;const c=t[r]?.[R.Jt]||t[r];return A.set(c,a),o.inPlace(t,[r],"wrap-logger-",(()=>A.get(c))),i}function _(){const e=(0,g.pV)();m.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,d.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const x={};function N(e,t,g=!1){t||(0,c.Ak)(e,"api");const m={};var w=s.ee.get(e),R=w.get("tracer");x[e]=b.g.OFF,w.on(p.G4.REPLAY_RUNNING,(t=>{x[e]=t}));var A="api-",_=A+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),j(A,n,!0,o||null===r?"session":void 0)(t,r)}function k(){}m.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,w),function(e,t,r={},i=y.p_.INFO){(0,a.p)(f.xV,["API/logging/".concat(i.toLowerCase(),"/called")],void 0,n.K7.metrics,e),(0,a.p)(y.ET,[(0,v.t)(),t,r,i],void 0,n.K7.logging,e)}(w,e,t,r)},m.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,w),E(w,e,t,{customAttributes:r,level:i})},h.forEach((e=>{m[e]=j(A,e,!0,"api")})),m.addPageAction=j(A,"addPageAction",!0,n.K7.genericEvents),m.recordCustomEvent=j(A,"recordCustomEvent",!0,n.K7.genericEvents),m.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,j(A,"setPageViewName",!0)()},m.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,d.R)(40,typeof t)}else(0,d.R)(39,typeof e)},m.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,d.R)(41,typeof e)},m.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,d.R)(42,typeof e)},m.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,w),w.emit("manual-start-all")}catch(e){(0,d.R)(23,e)}},m[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,w)},m[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,w)},m.interaction=function(e){return(new k).get("object"==typeof e?e:{})};const T=k.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,w),g||(0,a.p)(_+"tracer",[(0,v.t)(),e,r],i,n.K7.spa,w),function(){if(R.emit((o?"":"no-")+"fn-start",[(0,v.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw R.emit("fn-err",[arguments,this,t],r),t}finally{R.emit("fn-end",[(0,v.t)()],r)}}}};function j(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,w),i&&(0,a.p)(e+t,[r?(0,v.t)():performance.now(),...arguments],r?null:this,i,w),r?void 0:this}}function I(){r.e(296).then(r.bind(r,778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,d.R)(27,e),w.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{T[e]=j(_,e,void 0,g?n.K7.softNav:n.K7.spa)})),m.setCurrentRouteName=g?j(_,"routeName",void 0,n.K7.softNav):j(A,"routeName",!0,n.K7.spa),m.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,w),(0,a.p)("err",[t,(0,v.t)(),!1,r,!!x[e]],void 0,n.K7.jserrors,w)},l.RI?(0,u.GG)((()=>I()),!0):I(),m}var k=r(217),T=r(122);const j={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},I={};var O=r(284);const S=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let P=!1;function K(e,t={},r,n){let{init:a,info:c,loader_config:u,runtime:d={},exposed:f=!0}=t;d.loaderType=r;const p=(0,g.pV)();c||(a=p.init,c=p.info,u=p.loader_config),(0,k.xN)(e.agentIdentifier,a||{}),function(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");I[e]=(0,T.a)(t,j);const r=(0,g.nY)(e);r&&(r.loader_config=I[e])}(e.agentIdentifier,u||{}),c.jsAttributes??={},l.bv&&(c.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,c);const m=(0,k.D0)(e.agentIdentifier),h=[c.beacon,c.errorBeacon];P||(m.proxy.assets&&(S(m.proxy.assets),h.push(m.proxy.assets)),m.proxy.beacon&&h.push(m.proxy.beacon),_(),(0,g.US)("activatedFeatures",O.B),e.runSoftNavOverSpa&&=!0===m.soft_navigations.enabled&&m.feature_flags.includes("soft_nav")),d.denyList=[...m.ajax.deny_list||[],...m.ajax.block_internal?h:[]],d.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,d),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=N(e.agentIdentifier,n,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=f),P=!0}},374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>u,K7:()=>s,P3:()=>c,XX:()=>i,qY:()=>n,v4:()=>a});const n="events",i="jserrors",o="browser/blobs",a="rum",s={ajax:"ajax",genericEvents:"generic_events",jserrors:i,logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},c={[s.pageViewEvent]:1,[s.pageViewTiming]:2,[s.metrics]:3,[s.jserrors]:4,[s.spa]:5,[s.ajax]:6,[s.sessionTrace]:7,[s.softNav]:8,[s.sessionReplay]:9,[s.logging]:10,[s.genericEvents]:11},u={[s.pageViewEvent]:a,[s.pageViewTiming]:n,[s.ajax]:n,[s.spa]:n,[s.softNav]:n,[s.metrics]:i,[s.jserrors]:i,[s.sessionTrace]:o,[s.sessionReplay]:o,[s.logging]:"browser/logs",[s.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>"nr-rum-1.283.2.min.js",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.283.2.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),l=0;l<u.length;l++){var d=u[l];if(d.getAttribute("src")==r||d.getAttribute("data-webpack")==t+o){s=d;break}}if(!s){c=!0;var f={296:"sha512-2Y8GMAOGF658KnXzOZ/v+DlLch8TBFvV0tTNnOy9wrpvtDa1t5CdZMyX+LubTymBlzPp6NUjllBghMCZqXBPmg=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var g=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(g.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=g.bind(null,s.onerror),s.onload=g.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={374:0,840:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.283.2.PROD"]=self["webpackChunk:NRBA-1.283.2.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(374);var e=i(944),t=i(344),r=i(566);class n{agentIdentifier;constructor(){this.agentIdentifier=(0,r.LA)(16)}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}recordCustomEvent(e,t){return this.#e("recordCustomEvent",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(217);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var l=i(603);var d=i(687),f=i(234),g=i(289),p=i(154),m=i(384);const h=e=>p.RI&&!0===(0,s.gD)(e,"privacy.cookies_enabled");function v(e){return!!(0,m.dV)().o.MO&&h(e)&&!0===(0,s.gD)(e,"session_trace.enabled")}var b=i(389);class y extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,d.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,b.J)((()=>{(0,d.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if(h(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(296).then(i.bind(i,861));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(!this.#t(this.featureName,o))return(0,d.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(296).then(i.bind(i,103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),t.runtime.harvester.initializedAggregates.push(this.featAggregate),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,d.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,g.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return v(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var w=i(630);class R extends y{static featureName=w.T;constructor(e,t=!0){super(e,w.T,t),this.importAggregator(e)}}var A=i(908),E=i(843),_=i(878),x=i(782),N=i(863);class k extends y{static featureName=x.T;constructor(e,t=!0){super(e,x.T,t),p.RI&&((0,E.u)((()=>(0,A.p)("docHidden",[(0,N.t)()],void 0,x.T,this.ee)),!0),(0,_.sp)("pagehide",(()=>(0,A.p)("winPagehide",[(0,N.t)()],void 0,x.T,this.ee))),this.importAggregator(e))}}var T=i(773);class j extends y{static featureName=T.TZ;constructor(e,t=!0){super(e,T.TZ,t),this.importAggregator(e)}}new class extends o{constructor(t){super(),p.gm?(this.features={},(0,m.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(R),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,l.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,m.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[R,k,j],loaderType:"lite"})})()})();</script><link data-next-font="size-adjust" rel="preconnect" href="/" crossorigin="anonymous"/><link nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" rel="preload" href="/_next/static/css/db24d31363ad041b.css" as="style"/><link nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" rel="stylesheet" href="/_next/static/css/db24d31363ad041b.css" data-n-g=""/><noscript data-n-css="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4"></noscript><script defer="" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" nomodule="" src="/_next/static/chunks/polyfills-42372ed130431b0a.js"></script><script src="/_next/static/chunks/webpack-a707e99c69361791.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script><script src="/_next/static/chunks/framework-945b357d4a851f4b.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script><script src="/_next/static/chunks/main-46992b6f0e7a85fe.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script><script src="/_next/static/chunks/pages/_app-07799d5d5820dde3.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script><script src="/_next/static/chunks/4428-b93cdfb398f12a51.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script><script src="/_next/static/chunks/pages/plugins/%5Btype%5D/families/%5Bfamily%5D-3b8d334bfb16339c.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script><script src="/_next/static/quwZI-HT3Gc5YWLCRl-UF/_buildManifest.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script><script src="/_next/static/quwZI-HT3Gc5YWLCRl-UF/_ssgManifest.js" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4" defer=""></script></head><body data-base-url="https://www.tenable.com" data-ga4-tracking-id=""><div id="__next"><div class="app__wrapper"><header class="banner"><div class="nav-wrapper"><ul class="list-inline nav-brand"><li class="list-inline-item"><a href="https://www.tenable.com"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo.png" alt="Tenable"/></a></li><li class="list-inline-item"><a class="app-name" href="https://www.tenable.com/plugins">Plugins</a></li></ul><ul class="nav-dropdown nav"><li class="d-none d-md-block dropdown nav-item"><a aria-haspopup="true" href="#" class="dropdown-toggle nav-link" aria-expanded="false">Settings</a><div tabindex="-1" role="menu" aria-hidden="true" class="dropdown-menu dropdown-menu-right"><h6 tabindex="-1" class="dropdown-header">Links</h6><a href="https://cloud.tenable.com" role="menuitem" class="dropdown-item">Tenable Cloud<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><a href="https://community.tenable.com/login" role="menuitem" class="dropdown-item">Tenable Community &amp; Support<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><a href="https://university.tenable.com/lms/index.php?r=site/sso&amp;sso_type=saml" role="menuitem" class="dropdown-item">Tenable University<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity<!-- --> <i class="fas fa-info-circle" id="preferredSeverity"></i></div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><button type="button" tabindex="0" role="menuitem" class="dropdown-item-link dropdown-item">Help</button></div></li></ul><div class="d-block d-md-none"><button type="button" aria-label="Toggle Overlay" class="btn btn-link nav-toggle"><i class="fas fa-bars fa-2x"></i></button></div></div></header><div class="mobile-nav closed"><ul class="flex-column nav"><li class="mobile-header nav-item"><a href="https://www.tenable.com" class="float-left nav-link"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo-teal.png" alt="Tenable"/></a><a class="float-right mr-2 nav-link"><i class="fas fa-times fa-lg"></i></a></li><li class="nav-item"><a class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/pipeline">Plugins Pipeline</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/was/families?type=was">WAS Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nnm/families?type=nnm">NNM Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/lce/families?type=lce">LCE Families</a></li><li class="no-capitalize nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/ot/families?type=ot">Tenable OT Security Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/families/about">About Plugin Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/release-notes">Release Notes</a></li></div></div><li class="nav-item"><a class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/search">Search Audit Files</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/items/search">Search Items</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/references">References</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/authorities">Authorities</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/documentation">Documentation</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div></div><li class="nav-item"><a class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioa">Indicators of Attack</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioe">Indicators of Exposure</a></li></div></div><li class="nav-item"><a class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/search">Search</a></li></div></div><li class="nav-item"><a class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques/search">Search</a></li></div></div><ul id="links-nav" class="flex-column mt-5 nav"><li class="nav-item"><a class="nav-link">Links<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a href="https://cloud.tenable.com" class="nav-link">Tenable Cloud</a></li><li class="nav-item"><a href="https://community.tenable.com/login" class="nav-link">Tenable Community &amp; Support</a></li><li class="nav-item"><a href="https://university.tenable.com/lms/index.php?r=site/sso&amp;sso_type=saml" class="nav-link">Tenable University</a></li></div></div><li class="nav-item"><a class="nav-link">Settings<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse py-3"><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity</div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></li><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></li></div></div></ul></ul></div><div class="app__container"><div class="app__content"><div class="card callout callout-alert callout-bg-danger mb-4"><div class="card-body"><h5 class="mb-2 text-white">Your browser is no longer supported</h5><p class="text-white">Please update or use another browser for this application to function correctly.</p></div></div><div class="row"><div class="col-3 col-xl-2 d-none d-md-block"><h6 class="side-nav-heading">Detections</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-down"></i></a></li><div class="side-nav-collapse collapse show"><li class="false nav-item"><a href="/plugins" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/plugins/pipeline" class="nav-link"><span>Plugins Pipeline</span></a></li><li class="false nav-item"><a href="/plugins/release-notes" class="nav-link"><span>Release Notes</span></a></li><li class="false nav-item"><a href="/plugins/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/plugins/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/plugins/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/plugins/nessus/families" class="nav-link"><span>Nessus Families</span></a></li><li class="false nav-item"><a href="/plugins/was/families" class="nav-link"><span>WAS Families</span></a></li><li class="false nav-item"><a href="/plugins/nnm/families" class="nav-link"><span>NNM Families</span></a></li><li class="false nav-item"><a href="/plugins/lce/families" class="nav-link"><span>LCE Families</span></a></li><li class="false nav-item"><a href="/plugins/ot/families" class="nav-link"><span>Tenable OT Security Families</span></a></li><li class="false nav-item"><a href="/plugins/families/about" class="nav-link"><span>About Plugin Families</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/audits" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/audits/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/audits/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/audits/search" class="nav-link"><span>Search Audit Files</span></a></li><li class="false nav-item"><a href="/audits/items/search" class="nav-link"><span>Search Items</span></a></li><li class="false nav-item"><a href="/audits/references" class="nav-link"><span>References</span></a></li><li class="false nav-item"><a href="/audits/authorities" class="nav-link"><span>Authorities</span></a></li><li class="false nav-item"><a href="/audits/documentation" class="nav-link"><span>Documentation</span></a></li><li class="nav-item"><a class="nav-link" href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div><li class="nav-item"><a type="button" class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/indicators" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/indicators/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/indicators/ioa" class="nav-link"><span>Indicators of Attack</span></a></li><li class="false nav-item"><a href="/indicators/ioe" class="nav-link"><span>Indicators of Exposure</span></a></li></div></ul><h6 class="side-nav-heading">Analytics</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/cve" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/cve/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/cve/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/cve/search" class="nav-link"><span>Search</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/attack-path-techniques" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/attack-path-techniques/search" class="nav-link"><span>Search</span></a></li></div></ul></div><div class="col-12 col-md-9 col-xl-10"><h1 class="mb-3 h2">MarinerOS Local Security Checks Family for Nessus</h1><nav class="d-none d-md-block" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins">Plugins</a></li><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Plugin Families</a></li><li class="active breadcrumb-item" aria-current="page">MarinerOS Local Security Checks</li></ol></nav><nav class="d-md-none" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins/nessus/families?type=nessus"><i class="fas fa-chevron-left"></i> <!-- -->Nessus Plugin Families</a></li></ol></nav><div class="card"><div class="p-3 card-body"><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks?page=0">‹‹ <!-- -->Previous<span class="sr-only"> <!-- -->Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 36<!-- --> <span class="d-none d-sm-inline">• <!-- -->1798 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks?page=2"><span class="sr-only">Next</span>Next<!-- --> ››</a></li></ul></nav><div class="table-responsive"><table class="results-table table"><thead><tr><th>ID</th><th>Name</th><th>Severity</th></tr></thead><tbody><tr><td><a href="https://www.tenable.com/plugins/nessus/217104">217104</a></td><td>CBL Mariner 2.0 Security Update: gnutls / libtasn1 (CVE-2024-12133)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217103">217103</a></td><td>CBL Mariner 2.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36373)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217101">217101</a></td><td>CBL Mariner 2.0 Security Update: erlang (CVE-2025-26618)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217098">217098</a></td><td>CBL Mariner 2.0 Security Update: fluent-bit (CVE-2024-50609)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217097">217097</a></td><td>CBL Mariner 2.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36374)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217096">217096</a></td><td>CBL Mariner 2.0 Security Update: cert-manager / influxdb / keda / kube-vip-cloud-provider (CVE-2025-27144)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217095">217095</a></td><td>CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217092">217092</a></td><td>CBL Mariner 2.0 Security Update: opensc (CVE-2023-40660)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217091">217091</a></td><td>CBL Mariner 2.0 Security Update: opensc (CVE-2024-1454)</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/217090">217090</a></td><td>CBL Mariner 2.0 Security Update: fluent-bit (CVE-2024-50608)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216922">216922</a></td><td>CBL Mariner 2.0 Security Update: less (CVE-2022-48624)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216896">216896</a></td><td>CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-27113)</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216894">216894</a></td><td>CBL Mariner 2.0 Security Update: openssh (CVE-2025-26465)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216893">216893</a></td><td>CBL Mariner 2.0 Security Update: libcap (CVE-2025-1390)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216892">216892</a></td><td>CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-24928)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216891">216891</a></td><td>CBL Mariner 2.0 Security Update: libxml2 (CVE-2024-56171)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216889">216889</a></td><td>CBL Mariner 2.0 Security Update: opensc (CVE-2023-5992)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216888">216888</a></td><td>CBL Mariner 2.0 Security Update: vim (CVE-2025-26603)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216887">216887</a></td><td>CBL Mariner 2.0 Security Update: vim (CVE-2025-1215)</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216726">216726</a></td><td>CBL Mariner 2.0 Security Update: glib (CVE-2023-32643)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216725">216725</a></td><td>CBL Mariner 2.0 Security Update: glib (CVE-2023-32636)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216724">216724</a></td><td>CBL Mariner 2.0 Security Update: glib (CVE-2023-29499)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216723">216723</a></td><td>CBL Mariner 2.0 Security Update: python3 (CVE-2025-0938)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216721">216721</a></td><td>CBL Mariner 2.0 Security Update: netplan (CVE-2022-4968)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216666">216666</a></td><td>CBL Mariner 2.0 Security Update: reaper (CVE-2024-52798)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216665">216665</a></td><td>CBL Mariner 2.0 Security Update: binutils (CVE-2025-1178)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216664">216664</a></td><td>CBL Mariner 2.0 Security Update: nvidia-container-toolkit (CVE-2025-23359)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216630">216630</a></td><td>CBL Mariner 2.0 Security Update: postgresql (CVE-2025-1094)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216629">216629</a></td><td>CBL Mariner 2.0 Security Update: libtiff (CVE-2023-3164)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216627">216627</a></td><td>CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm (CVE-2024-12797)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216624">216624</a></td><td>CBL Mariner 2.0 Security Update: emacs (CVE-2025-1244)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216572">216572</a></td><td>CBL Mariner 2.0 Security Update: lua / memcached / ntopng (CVE-2021-43519)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216369">216369</a></td><td>CBL Mariner 2.0 Security Update: giflib (CVE-2023-39742)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216367">216367</a></td><td>CBL Mariner 2.0 Security Update: binutils (CVE-2025-1182)</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216366">216366</a></td><td>CBL Mariner 2.0 Security Update: xorg-x11-server (CVE-2024-0408)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216365">216365</a></td><td>CBL Mariner 2.0 Security Update: binutils (CVE-2025-1176)</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216364">216364</a></td><td>CBL Mariner 2.0 Security Update: binutils (CVE-2025-1181)</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216363">216363</a></td><td>CBL Mariner 2.0 Security Update: mdadm (CVE-2023-28736)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216361">216361</a></td><td>CBL Mariner 2.0 Security Update: avahi (CVE-2024-52616)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216360">216360</a></td><td>CBL Mariner 2.0 Security Update: nginx (CVE-2025-23419)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216359">216359</a></td><td>CBL Mariner 2.0 Security Update: rabbitmq-server (CVE-2023-50966)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216358">216358</a></td><td>CBL Mariner 2.0 Security Update: binutils (CVE-2025-0840)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216343">216343</a></td><td>CBL Mariner 2.0 Security Update: busybox (CVE-2022-48174)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216287">216287</a></td><td>CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2024-22020)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216286">216286</a></td><td>CBL Mariner 2.0 Security Update: python-twisted (CVE-2023-46137)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216285">216285</a></td><td>CBL Mariner 2.0 Security Update: sriov-network-device-plugin / vitess (CVE-2024-45339)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216284">216284</a></td><td>CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2025-23085)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216283">216283</a></td><td>CBL Mariner 2.0 Security Update: python3 (CVE-2023-27043)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216282">216282</a></td><td>CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2025-22150)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/216281">216281</a></td><td>CBL Mariner 2.0 Security Update: mysql (CVE-2025-0725)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr></tbody></table></div><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks?page=0">‹‹ <!-- -->Previous<span class="sr-only"> <!-- -->Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 36<!-- --> <span class="d-none d-sm-inline">• <!-- -->1798 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/nessus/families/MarinerOS%20Local%20Security%20Checks?page=2"><span class="sr-only">Next</span>Next<!-- --> ››</a></li></ul></nav></div></div></div></div></div></div><footer class="footer"><div class="container"><ul class="footer-nav"><li class="footer-nav-item"><a href="https://www.tenable.com/">Tenable.com</a></li><li class="footer-nav-item"><a href="https://community.tenable.com">Community &amp; Support</a></li><li class="footer-nav-item"><a href="https://docs.tenable.com">Documentation</a></li><li class="footer-nav-item"><a href="https://university.tenable.com">Education</a></li></ul><ul class="footer-nav footer-nav-secondary"><li class="footer-nav-item">© <!-- -->2025<!-- --> <!-- -->Tenable®, Inc. All Rights Reserved</li><li class="footer-nav-item"><a href="https://www.tenable.com/privacy-policy">Privacy Policy</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/legal">Legal</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/section-508-voluntary-product-accessibility">508 Compliance</a></li></ul></div></footer><div class="Toastify"></div></div></div><script id="__NEXT_DATA__" type="application/json" nonce="nonce-MzNjMTM3YmUtNTNiNC00MDRmLTg2MjUtNTI4ZjY0OGE4N2U4">{"props":{"pageProps":{"plugins":[{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217104","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0096","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-12133","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12133"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-12133"}],"description":"The version of gnutls / libtasn1 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12133 advisory.\n\n - A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack. (CVE-2024-12133)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"217104","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: gnutls / libtasn1 (CVE-2024-12133)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":4.6,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0096"]},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1740960000000,"217104"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217103","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2021-36373","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36373"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36373"}],"description":"The version of ant / javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36373 advisory.\n\n - When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected. (CVE-2021-36373)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"217103","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36373)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740960000000,"217103"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217101","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-26618","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26618"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26618"}],"description":"The version of erlang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-26618 advisory.\n\n - Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet size is not verified properly for SFTP packets. As a result when multiple SSH packets (conforming to max SSH packet size) are received by ssh, they might be combined into an SFTP packet which will exceed the max allowed packet size and potentially cause large amount of memory to be allocated. Note that situation described above can only happen for successfully authenticated users after completing the SSH handshake. This issue has been patched in OTP versions 27.2.4, 26.2.5.9, and 25.3.2.18. There are no known workarounds for this vulnerability. (CVE-2025-26618)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"217101","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: erlang (CVE-2025-26618)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":7,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":6.5,"cvssv4_vector_base":"AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H","cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H","cvssv2_temporal_score":3.7,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":3.8,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":"High"},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":"High","vprSeverity":"Medium","severity":"Medium"},"sort":[1740960000000,"217101"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217098","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-50609","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50609"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50609"}],"description":"The version of fluent-bit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50609 advisory.\n\n - An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server.\n Improper handling of the case when Content-Length is 0 allows a user (with access to the endpoint) to perform a remote Denial of service attack. The crash happens because of a NULL pointer dereference when 0 (from the Content-Length) is passed to the function cfl_sds_len, which in turn tries to cast a NULL pointer into struct cfl_sds. This is related to process_payload_traces_proto_ng() at opentelemetry_prot.c.\n (CVE-2024-50609)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"217098","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: fluent-bit (CVE-2024-50609)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740960000000,"217098"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217097","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2021-36374","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36374"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36374"}],"description":"The version of ant / javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36374 advisory.\n\n - When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. Apache Ant prior to 1.9.16 and 1.10.11 were affected. (CVE-2021-36374)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"217097","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36374)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740960000000,"217097"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217096","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-27144","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27144"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27144"}],"description":"The version of cert-manager / influxdb / keda / kube-vip-cloud-provider installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27144 advisory.\n\n - Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, .) to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.\n (CVE-2025-27144)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"217096","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: cert-manager / influxdb / keda / kube-vip-cloud-provider (CVE-2025-27144)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":8.7,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":6.5,"cvssv4_vector_base":"AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","cvssv2_temporal_score":3.7,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":6.6,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":"High"},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":"High","vprSeverity":"Medium","severity":"Medium"},"sort":[1740960000000,"217096"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217095","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-39908","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39908"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39908"}],"description":"The version of ruby / rubygem-rexml installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39908 advisory.\n\n - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `\u003c`, `0` and `%\u003e`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. (CVE-2024-39908)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"217095","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: ruby / rubygem-rexml (CVE-2024-39908)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":4.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":3.9,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":3.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740960000000,"217095"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217092","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-40660","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40660"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-40660"}],"description":"The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40660 advisory.\n\n - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness. (CVE-2023-40660)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"217092","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: opensc (CVE-2023-40660)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":6.6,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":5.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740960000000,"217092"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217091","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-1454","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1454"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-1454"}],"description":"The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory.\n\n - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or smart card to present the system with specially crafted responses to the APDUs, which are considered high complexity and low severity. This manipulation can allow for compromised card management operations during enrolment.\n (CVE-2024-1454)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Low","script_id":"217091","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: opensc (CVE-2024-1454)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":3.4,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:N","cvssv3_temporal_score":3,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:N/C:P/I:P/A:N","cvssv3_vector_base":"AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":1.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":2.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Low","cvssv4_risk_factor":null},"vpr_score":"3.8","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Low","cvssV4Severity":null,"vprSeverity":"Low","severity":"Low"},"sort":[1740960000000,"217091"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"217090","_score":null,"_source":{"plugin_modification_date":"2025-03-03T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-50608","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50608"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50608"}],"description":"The version of fluent-bit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50608 advisory.\n\n - An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user (with access to the endpoint) to perform a remote Denial of service attack. The crash happens because of a NULL pointer dereference when 0 (from the Content-Length) is passed to the function cfl_sds_len, which in turn tries to cast a NULL pointer into struct cfl_sds. This is related to process_payload_metrics_ng() at prom_rw_prot.c.\n (CVE-2024-50608)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"217090","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: fluent-bit (CVE-2024-50608)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-03-03T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"3/3/2025","pluginModificationDate":"3/3/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740960000000,"217090"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216922","_score":null,"_source":{"plugin_modification_date":"2025-02-28T00:00:00","references":[{"id_type":"cve","id":"CVE-2022-48624","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48624"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48624"}],"description":"The version of less installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48624 advisory.\n\n - close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. (CVE-2022-48624)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"216922","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: less (CVE-2022-48624)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-28T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/28/2025","pluginModificationDate":"2/28/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1740700800000,"216922"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216896","_score":null,"_source":{"plugin_modification_date":"2025-02-27T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0123","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-27113","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27113"}],"description":"The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27113 advisory.\n\n - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. (CVE-2025-27113)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Low","script_id":"216896","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-27113)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":2.9,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":2.6,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":0.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":1.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Low","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0123"]},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/27/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Low","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Low"},"sort":[1740614400000,"216896"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216894","_score":null,"_source":{"plugin_modification_date":"2025-02-27T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0126","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-26465","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26465"}],"description":"The version of openssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-26465 advisory.\n\n - A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. (CVE-2025-26465)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216894","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: openssh (CVE-2025-26465)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":6.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N","cvssv3_temporal_score":6.1,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:C/A:N","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":5.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.1,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"8.5","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0126"]},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/27/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1740614400000,"216894"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216893","_score":null,"_source":{"plugin_modification_date":"2025-02-28T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0134","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-1390","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1390"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1390"}],"description":"The version of libcap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1390 advisory.\n\n - The PAM module pam_cap.so of libcap configuration supports group names starting with @, during actual parsing, configurations not starting with @ are incorrectly recognized as group names. This May result in nonintended users being granted an inherited capability set, potentially leading to security risks.\n Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames. (CVE-2025-1390)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216893","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: libcap (CVE-2025-1390)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":6.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:P/I:C/A:N","cvssv3_temporal_score":5.3,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:P/I:C/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"5.0","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0134"]},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/28/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740614400000,"216893"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216892","_score":null,"_source":{"plugin_modification_date":"2025-02-27T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0123","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-24928","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24928"}],"description":"The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24928 advisory.\n\n - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE:\n this is similar to CVE-2017-9047. (CVE-2025-24928)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216892","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-24928)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:N","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:N/C:C/I:C/A:N","cvssv3_vector_base":"AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.9","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0123"]},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/27/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1740614400000,"216892"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216891","_score":null,"_source":{"plugin_modification_date":"2025-02-27T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0123","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-56171","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56171"}],"description":"The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56171 advisory.\n\n - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.\n (CVE-2024-56171)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216891","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: libxml2 (CVE-2024-56171)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:N","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:N/C:C/I:C/A:N","cvssv3_vector_base":"AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.9","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0123"]},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/27/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1740614400000,"216891"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216889","_score":null,"_source":{"plugin_modification_date":"2025-02-27T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-5992","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5992"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5992"}],"description":"The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5992 advisory.\n\n - A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side- channel resistant. This issue May result in the potential leak of private data. (CVE-2023-5992)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216889","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: opensc (CVE-2023-5992)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":5.9,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N","cvssv3_temporal_score":5.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:N/A:N","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5.4,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/27/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740614400000,"216889"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216888","_score":null,"_source":{"plugin_modification_date":"2025-02-27T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0128","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-26603","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26603"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26603"}],"description":"The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-26603 advisory.\n\n - Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability. (CVE-2025-26603)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Low","script_id":"216888","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: vim (CVE-2025-26603)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":4.2,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:P/I:P/A:P","cvssv3_temporal_score":3.7,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:P/I:P/A:P","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L","cvssv4_vector":null,"cvssv2_temporal_score":2.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":3.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.9","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0128"]},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/27/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Low"},"sort":[1740614400000,"216888"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216887","_score":null,"_source":{"plugin_modification_date":"2025-02-27T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0128","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-1215","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1215"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1215"}],"description":"The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1215 advisory.\n\n - A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component. (CVE-2025-1215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Low","script_id":"216887","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: vim (CVE-2025-1215)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-27T00:00:00","cvss":{"cvssv3_score":2.8,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":1.7,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":2.4,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:P","cvssv3_temporal_score":2.5,"cvssv4_vector_base":"AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:P","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","cvssv4_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","cvssv2_temporal_score":1.3,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":0.4,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Low","cvssv4_risk_factor":"Low"},"vpr_score":"2.9","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0128"]},"pluginPublicationDate":"2/27/2025","pluginModificationDate":"2/27/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Low","cvssV4Severity":"Low","vprSeverity":"Low","severity":"Low"},"sort":[1740614400000,"216887"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216726","_score":null,"_source":{"plugin_modification_date":"2025-02-25T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-32643","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32643"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32643"}],"description":"The version of glib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32643 advisory.\n\n - A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. (CVE-2023-32643)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216726","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: glib (CVE-2023-32643)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/25/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740441600000,"216726"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216725","_score":null,"_source":{"plugin_modification_date":"2025-02-25T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-32636","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32636"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32636"}],"description":"The version of glib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32636 advisory.\n\n - A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. (CVE-2023-32636)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216725","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: glib (CVE-2023-32636)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/25/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1740441600000,"216725"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216724","_score":null,"_source":{"plugin_modification_date":"2025-02-25T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-29499","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29499"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29499"}],"description":"The version of glib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-29499 advisory.\n\n - A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. (CVE-2023-29499)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216724","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: glib (CVE-2023-29499)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/25/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1740441600000,"216724"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216723","_score":null,"_source":{"plugin_modification_date":"2025-02-25T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-0938","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0938"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-0938"}],"description":"The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0938 advisory.\n\n - The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers. (CVE-2025-0938)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Low","script_id":"216723","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: python3 (CVE-2025-0938)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":4,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":2.6,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":6.3,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":3.5,"cvssv4_vector_base":"AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N","cvssv2_vector_base":"AV:N/AC:H/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N","cvssv2_temporal_score":1.9,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":1.7,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"Medium"},"vpr_score":"2.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/25/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":"Medium","vprSeverity":"Low","severity":"Low"},"sort":[1740441600000,"216723"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216721","_score":null,"_source":{"plugin_modification_date":"2025-02-25T00:00:00","references":[{"id_type":"cve","id":"CVE-2022-4968","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4968"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4968"}],"description":"The version of netplan installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4968 advisory.\n\n - netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected.\n (CVE-2022-4968)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216721","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: netplan (CVE-2022-4968)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":6.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N","cvssv3_temporal_score":5.9,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"5.2","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/25/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740441600000,"216721"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216666","_score":null,"_source":{"plugin_modification_date":"2025-02-22T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-52798","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52798"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52798"}],"description":"The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52798 advisory.\n\n - path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade to 0.1.12.\n This vulnerability exists because of an incomplete fix for CVE-2024-45296. (CVE-2024-52798)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216666","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: reaper (CVE-2024-52798)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-22T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":6.4,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":8.7,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P","cvssv3_temporal_score":6.5,"cvssv4_vector_base":"AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","cvssv2_temporal_score":4.7,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":6.6,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":"High"},"vpr_score":"3.6","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/22/2025","pluginModificationDate":"2/22/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":"High","vprSeverity":"Low","severity":"Medium"},"sort":[1740182400000,"216666"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216665","_score":null,"_source":{"plugin_modification_date":"2025-02-25T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0095","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-1178","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1178"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1178"}],"description":"The version of binutils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1178 advisory.\n\n - A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and May be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue. (CVE-2025-1178)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216665","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: binutils (CVE-2025-1178)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-22T00:00:00","cvss":{"cvssv3_score":5.6,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5.1,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":6.3,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":4.9,"cvssv4_vector_base":"AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_temporal_score":3.8,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":1.7,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"Medium"},"vpr_score":"4.2","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0095"]},"pluginPublicationDate":"2/22/2025","pluginModificationDate":"2/25/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":"Medium","vprSeverity":"Medium","severity":"Medium"},"sort":[1740182400000,"216665"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216664","_score":null,"_source":{"plugin_modification_date":"2025-02-22T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-23359","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23359"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23359"}],"description":"The version of nvidia-container-toolkit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23359 advisory.\n\n - NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. (CVE-2025-23359)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216664","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: nvidia-container-toolkit (CVE-2025-23359)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-22T00:00:00","cvss":{"cvssv3_score":8.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.2,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"8.1","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/22/2025","pluginModificationDate":"2/22/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1740182400000,"216664"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216630","_score":null,"_source":{"plugin_modification_date":"2025-02-24T00:00:00","references":[{"id_type":"IAVB","id":"2025-B-0028","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-1094","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1094"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1094"}],"description":"The version of postgresql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1094 advisory.\n\n - Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected.\n (CVE-2025-1094)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216630","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: postgresql (CVE-2025-1094)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-21T00:00:00","cvss":{"cvssv3_score":8.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.6,"cvssv3_temporal_vector_base":"E:F/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:F/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"9.2","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVB":["2025-B-0028"]},"pluginPublicationDate":"2/21/2025","pluginModificationDate":"2/24/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Critical","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Critical","severity":"High"},"sort":[1740096000000,"216630"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216629","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-3164","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3164"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3164"}],"description":"The version of libtiff installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3164 advisory.\n\n - A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. (CVE-2023-3164)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216629","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: libtiff (CVE-2023-3164)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-21T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/21/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740096000000,"216629"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216627","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-12797","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12797"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-12797"}],"description":"The version of cloud-hypervisor-cvm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12797 advisory.\n\n - Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server May fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys May be vulnerable to man-in-middle attacks when server authentication failure is not detected by clients. RPKs are disabled by default in both TLS clients and TLS servers. The issue only arises when TLS clients explicitly enable RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate chain. The affected clients are those that then rely on the handshake to fail when the server's RPK fails to match one of the expected public keys, by setting the verification mode to SSL_VERIFY_PEER. Clients that enable server-side raw public keys can still find out that raw public key verification failed by calling SSL_get_verify_result(), and those that do, and take appropriate action, are not affected. This issue was introduced in the initial implementation of RPK support in OpenSSL 3.2. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. (CVE-2024-12797)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216627","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm (CVE-2024-12797)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-21T00:00:00","cvss":{"cvssv3_score":6.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":5.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.9","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/21/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740096000000,"216627"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216624","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-1244","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1244"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1244"}],"description":"The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1244 advisory.\n\n - A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. (CVE-2025-1244)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"216624","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: emacs (CVE-2025-1244)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-21T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/21/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1740096000000,"216624"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216572","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2021-43519","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43519"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43519"}],"description":"The version of lua / memcached / ntopng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-43519 advisory.\n\n - Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file. (CVE-2021-43519)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216572","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: lua / memcached / ntopng (CVE-2021-43519)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-21T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/21/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740096000000,"216572"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216369","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-39742","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39742"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39742"}],"description":"The version of giflib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-39742 advisory.\n\n - giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. (CVE-2023-39742)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216369","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: giflib (CVE-2023-39742)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-17T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/17/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1739750400000,"216369"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216367","_score":null,"_source":{"plugin_modification_date":"2025-02-28T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-1182","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1182"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1182"}],"description":"The version of binutils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1182 advisory.\n\n - A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and May be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue. (CVE-2025-1182)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216367","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: binutils (CVE-2025-1182)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-17T00:00:00","cvss":{"cvssv3_score":5,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5.1,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":2.3,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":4.4,"cvssv4_vector_base":"AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_temporal_score":3.8,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":0.6,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"Low"},"vpr_score":"4.9","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/17/2025","pluginModificationDate":"2/28/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":"Low","vprSeverity":"Medium","severity":"Medium"},"sort":[1739750400000,"216367"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216366","_score":null,"_source":{"plugin_modification_date":"2025-02-17T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-0408","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0408"}],"description":"The version of xorg-x11-server installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0408 advisory.\n\n - A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.\n (CVE-2024-0408)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216366","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: xorg-x11-server (CVE-2024-0408)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-17T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/17/2025","pluginModificationDate":"2/17/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1739750400000,"216366"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216365","_score":null,"_source":{"plugin_modification_date":"2025-02-28T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0095","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-1176","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1176"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1176"}],"description":"The version of binutils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1176 advisory.\n\n - A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function\n _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack May be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and May be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue. (CVE-2025-1176)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216365","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: binutils (CVE-2025-1176)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-17T00:00:00","cvss":{"cvssv3_score":5,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5.1,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":2.3,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":4.5,"cvssv4_vector_base":"AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_temporal_score":4,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:P","cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv4_threat_score":1.3,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"Low"},"vpr_score":"4.9","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0095"]},"pluginPublicationDate":"2/17/2025","pluginModificationDate":"2/28/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":"Low","vprSeverity":"Medium","severity":"Medium"},"sort":[1739750400000,"216365"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216364","_score":null,"_source":{"plugin_modification_date":"2025-02-28T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-1181","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1181"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1181"}],"description":"The version of binutils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1181 advisory.\n\n - A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and May be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue. (CVE-2025-1181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216364","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: binutils (CVE-2025-1181)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-17T00:00:00","cvss":{"cvssv3_score":5,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5.1,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":2.3,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":4.4,"cvssv4_vector_base":"AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_temporal_score":3.8,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":0.6,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"Low"},"vpr_score":"4.9","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/17/2025","pluginModificationDate":"2/28/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":"Low","vprSeverity":"Medium","severity":"Medium"},"sort":[1739750400000,"216364"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216363","_score":null,"_source":{"plugin_modification_date":"2025-02-17T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-28736","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28736"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28736"}],"description":"The version of mdadm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28736 advisory.\n\n - Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 May allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-28736)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216363","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: mdadm (CVE-2023-28736)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-17T00:00:00","cvss":{"cvssv3_score":6.7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C","cvssv3_temporal_score":5.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:M/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/17/2025","pluginModificationDate":"2/17/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1739750400000,"216363"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216361","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-52616","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52616"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52616"}],"description":"The version of avahi installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52616 advisory.\n\n - avahi: Avahi Wide-Area DNS Uses Constant Source Port (CVE-2024-52615) avahi: Avahi Wide-Area DNS Predictable Transaction IDs (CVE-2024-52616) (CVE-2024-52616)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216361","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: avahi (CVE-2024-52616)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-16T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":4.6,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"1.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/16/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1739664000000,"216361"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216360","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0086","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-23419","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23419"}],"description":"The version of nginx installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23419 advisory.\n\n - When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key are used and/or the SSL session cache https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache are used in the default server and the default server is performing client certificate authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2025-23419)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216360","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: nginx (CVE-2025-23419)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-16T00:00:00","cvss":{"cvssv3_score":4.3,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":4,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":5.3,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N","cvssv3_temporal_score":3.8,"cvssv4_vector_base":"AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:L/Au:S/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvssv4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","cvssv2_temporal_score":3,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":1.3,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"Medium"},"vpr_score":"2.9","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0086"]},"pluginPublicationDate":"2/16/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":"Medium","vprSeverity":"Low","severity":"Medium"},"sort":[1739664000000,"216360"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216359","_score":null,"_source":{"plugin_modification_date":"2025-02-16T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-50966","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50966"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-50966"}],"description":"The version of rabbitmq-server installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50966 advisory.\n\n - erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header. (CVE-2023-50966)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216359","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: rabbitmq-server (CVE-2023-50966)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-16T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":4.6,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"1.4","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/16/2025","pluginModificationDate":"2/16/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1739664000000,"216359"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216358","_score":null,"_source":{"plugin_modification_date":"2025-02-16T00:00:00","references":[{"id_type":"IAVA","id":"2025-A-0095","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2025-0840","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0840"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-0840"}],"description":"The version of binutils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0840 advisory.\n\n - A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and May be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.\n (CVE-2025-0840)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216358","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: binutils (CVE-2025-0840)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-16T00:00:00","cvss":{"cvssv3_score":5,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5.1,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":6.3,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":4.4,"cvssv4_vector_base":"AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:H/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","cvssv2_temporal_score":3.8,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":1.7,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"Medium"},"vpr_score":"7.4","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2025-A-0095"]},"pluginPublicationDate":"2/16/2025","pluginModificationDate":"2/16/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":"Medium","vprSeverity":"High","severity":"Medium"},"sort":[1739664000000,"216358"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216343","_score":null,"_source":{"plugin_modification_date":"2025-02-15T00:00:00","references":[{"id_type":"cve","id":"CVE-2022-48174","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48174"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48174"}],"description":"The version of busybox installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48174 advisory.\n\n - There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.\n (CVE-2022-48174)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"216343","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: busybox (CVE-2022-48174)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-15T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/15/2025","pluginModificationDate":"2/15/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1739577600000,"216343"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216287","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-22020","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22020"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-22020"}],"description":"The version of nodejs / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22020 advisory.\n\n - A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports. Exploiting this flaw can violate network import security, posing a risk to developers and servers. (CVE-2024-22020)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216287","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2024-22020)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":6.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":5.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"5.5","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1739491200000,"216287"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216286","_score":null,"_source":{"plugin_modification_date":"2025-02-14T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-46137","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46137"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46137"}],"description":"The version of python-twisted installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46137 advisory.\n\n - Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, the attacker can delay the response on purpose to manipulate the response of the second request when a victim launched two requests using HTTP pipeline. Version 23.10.0rc1 contains a patch for this issue. (CVE-2023-46137)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216286","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: python-twisted (CVE-2023-46137)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/14/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1739491200000,"216286"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216285","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-45339","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45339"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45339"}],"description":"The version of sriov-network-device-plugin / vitess installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45339 advisory.\n\n - When logs are written to a widely-writable directory (the default), an unprivileged attacker May predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists. (CVE-2024-45339)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216285","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: sriov-network-device-plugin / vitess (CVE-2024-45339)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":7.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:N","cvssv3_temporal_score":6.2,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.0","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1739491200000,"216285"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216284","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-23085","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23085"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23085"}],"description":"The version of nodejs / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23085 advisory.\n\n - A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x. (CVE-2025-23085)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216284","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2025-23085)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":4.6,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.9","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1739491200000,"216284"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216283","_score":null,"_source":{"plugin_modification_date":"2025-02-14T00:00:00","references":[{"id_type":"IAVA","id":"2023-A-0442-S","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2023-27043","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27043"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27043"}],"description":"The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27043 advisory.\n\n - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses May be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. (CVE-2023-27043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"216283","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: python3 (CVE-2023-27043)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":5,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":8.9,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":4.8,"cvssv4_vector_base":"AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvssv4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","cvssv2_temporal_score":3.9,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:P","cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv4_threat_score":8.9,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":"High"},"vpr_score":"2.2","script_family":"MarinerOS Local Security Checks","xrefs":{"IAVA":["2023-A-0442-S"]},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/14/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":"High","vprSeverity":"Low","severity":"Medium"},"sort":[1739491200000,"216283"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216282","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-22150","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22150"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22150"}],"description":"The version of nodejs / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22150 advisory.\n\n - Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If there is a mechanism in an app that sends multipart requests to an attacker-controlled website, they can use this to leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met. This is fixed in versions 5.28.5, 6.21.1, and 7.2.3. As a workaround, do not issue multipart requests to attacker controlled servers. (CVE-2025-22150)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216282","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2025-22150)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":6.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N","cvssv3_temporal_score":5.9,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:C/A:N","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.1,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.0","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1739491200000,"216282"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216281","_score":null,"_source":{"plugin_modification_date":"2025-02-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2025-0725","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-0725"}],"description":"The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0725 advisory.\n\n - When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. (CVE-2025-0725)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"216281","available_languages":["en_US"],"synopsis":"The remote CBL Mariner host is missing one or more security updates.","script_name":"CBL Mariner 2.0 Security Update: mysql (CVE-2025-0725)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update the affected packages.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":7.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":6.4,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"4.2","script_family":"MarinerOS Local Security Checks","xrefs":{},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/21/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1739491200000,"216281"]}],"total":1798,"type":"nessus","family":"MarinerOS Local Security Checks","page":1,"apiUrl":"https://www.tenable.com/plugins/api/v1/nessus/families/MarinerOS%20Local%20Security%20Checks?page=1"},"cookies":{},"user":null,"flash":null,"env":{"baseUrl":"https://www.tenable.com","host":"www.tenable.com","ga4TrackingId":""},"isUnsupportedBrowser":true,"__N_SSP":true},"page":"/plugins/[type]/families/[family]","query":{"type":"nessus","family":"MarinerOS Local Security Checks"},"buildId":"quwZI-HT3Gc5YWLCRl-UF","isFallback":false,"isExperimentalCompile":false,"gssp":true,"appGip":true,"locale":"en","locales":["en","de","es","fr","ja","ko","zh-CN","zh-TW"],"defaultLocale":"en","domainLocales":[{"domain":"www.tenable.com","defaultLocale":"en"},{"domain":"de.tenable.com","defaultLocale":"de"},{"domain":"es-la.tenable.com","defaultLocale":"es"},{"domain":"fr.tenable.com","defaultLocale":"fr"},{"domain":"jp.tenable.com","defaultLocale":"ja"},{"domain":"kr.tenable.com","defaultLocale":"ko"},{"domain":"www.tenablecloud.cn","defaultLocale":"zh-CN"},{"domain":"zh-tw.tenable.com","defaultLocale":"zh-TW"}],"scriptLoader":[]}</script></body></html>