MiracleLinux 7 : rh-postgresql13-postgresql-13.7-1.el7 (AXSA:2022-3205:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3205:01 advisory. postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Tenable has extracted the preceding description block...

MiracleLinux 7 : postgresql-9.2.24-8.el7 (AXSA:2022-3279:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3279:01 advisory. postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Tenable has extracted the preceding description block...

MiracleLinux 7 : podman-1.6.4-36.el7 (AXSA:2022-3718:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3718:02 advisory. podman: Security regression of CVE-2020-8945 due to source code management issue CVE-2022-2738 podman: Security regression of CVE-2020-14370 due to...

MiracleLinux 7 : webkitgtk4-2.28.2-3.el7 (AXSA:2022-2927:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2927:01 advisory. webkitgtk: Use-after-free leading to arbitrary code execution CVE-2021-30858 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : rsyslog-8.2102.0-7.el8.1 (AXSA:2022-3666:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3666:04 advisory. rsyslog: Heap-based overflow in TCP syslog server CVE-2022-24903 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 8 : thunderbird-91.13.0-1.el8.ML.1 (AXSA:2022-3794:12)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3794:12 advisory. Mozilla: Address bar spoofing via XSLT error handling CVE-2022-38472 Mozilla: Cross-origin XSLT Documents would have inherited the parent's...

MiracleLinux 8 : flatpak-1.8.7-1.el8 (AXSA:2022-3593:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3593:03 advisory. flatpak: Permissions granted to applications can be hidden from the user at install time CVE-2021-43860 Tenable has extracted the preceding description block...

MiracleLinux 9 : firefox-102.3.0-6.el9.ML.1 (AXSA:2022-4111:35)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4111:35 advisory. Mozilla: Bypassing FeaturePolicy restrictions on transient pages CVE-2022-40959 Mozilla: Data-race when parsing non-UTF-8 URLs in threads...

MiracleLinux 8 : exiv2-0.27.5-2.el8 (AXSA:2022-3533:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3533:01 advisory. exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS CVE-2020-18898 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : thunderbird-91.9.1-1.el8.ML.2 (AXSA:2022-3714:08)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3714:08 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 8 : python27:2.7 (AXSA:2022-4445:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4445:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107. Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : kernel-4.18.0-372.16.1.el8_6 (AXSA:2022-3815:13)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3815:13 advisory. kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.1 (AXSA:2022-3021:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3021:01 advisory. httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : rh-mariadb105-mariadb (AXSA:2022-3124:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3124:01 advisory. mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2154 mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2166 mysq...

MiracleLinux 8 : fapolicyd-1.1-6.el8 (AXSA:2022-3437:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3437:01 advisory. fapolicyd: fapolicyd wrongly prepares ld.so path CVE-2022-1117 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : libsndfile-1.0.28-12.el8 (AXSA:2022-3352:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3352:01 advisory. libsndfile: heap out-of-bounds read in src/flac.c in flacbuffercopy CVE-2021-4156 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : thunderbird-91.11.0-2.el9.ML.1 (AXSA:2022-4028:19)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4028:19 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...

MiracleLinux 8 : xmlrpc-c-1.51.0-8.el8 (AXSA:2022-4217:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4217:04 advisory. expat: Integer overflow in doProlog in xmlparse.c CVE-2021-46143 expat: Integer overflow in addBinding in xmlparse.c CVE-2022-22822 expat: Integer...

MiracleLinux 8 : firefox-102.4.0-1.el8.ML.1 (AXSA:2022-3915:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3915:28 advisory. Mozilla: Same-origin policy violation could have leaked cross-origin URLs CVE-2022-42927 Mozilla: Memory Corruption in JS Engine CVE-2022-42928...

MiracleLinux 9 : thunderbird-102.3.0-4.el9.ML.1 (AXSA:2022-4150:23)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4150:23 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...