[R2] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities

Read Time:23 Second

Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers.

Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of these issues. Tenable.sc 5.19.0 updates the following components:

1. Handlebars
CVE-2019-19919
Severity: Critical

2. Underscore
CVE-2021-23358
Severity: High

python-setuptools-69.0.3-4.fc40

FEDORA-2024-247e9ba33a Packages in this update: python-setuptools-69.0.3-4.fc40 Update description: Security fix for CVE-2024-6345. Read More

July 26, 2024

python-setuptools-67.7.2-8.fc39

FEDORA-2024-9ed182a5d3 Packages in this update: python-setuptools-67.7.2-8.fc39 Update description: Security fix for CVE-2024-6345. Read More

July 26, 2024

USN-6919-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...

July 26, 2024

USN-6918-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings...

July 26, 2024

USN-6917-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...

July 26, 2024

curl-8.6.0-9.fc40

FEDORA-2024-a7976ba89f Packages in this update: curl-8.6.0-9.fc40 Update description: fix freeing stack buffer in utf8asn1str (CVE-2024-6197) Read More

July 26, 2024

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Friday Squid Blogging: Sunscreen from Squid Pigments

Compromising the Secure Boot Process

Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain

Hacktivists Claim Leak of CrowdStrike Threat Intelligence

CrowdStrike Falcon Outage Exploited for Social Engineering

Despite Bans, AI Code Tools Widespread in Organizations

North Korean Hackers Target Critical Infrastructure for Military Gain

The CrowdStrike Outage and Market-Driven Brittleness

[R2] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities

python-setuptools-69.0.3-4.fc40

python-setuptools-67.7.2-8.fc39

USN-6919-1: Linux kernel vulnerabilities

USN-6918-1: Linux kernel vulnerabilities

USN-6917-1: Linux kernel vulnerabilities

curl-8.6.0-9.fc40