MiracleLinux 9 : python3.11-3.11.2-2.el9.1 (AXSA:2023-6031:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6031:01 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2023-7318:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7318:02 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...

MiracleLinux 9 : butane-0.16.0-1.el9 (AXSA:2023-5817:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5817:02 advisory. golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 golang: math/big: decoding big.Float and big.Rat types can panic if the...

MiracleLinux 8 : java-11-openjdk-11.0.19.0.7-1.el8 (AXSA:2023-5306:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5306:08 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 9 : libldb-2.5.2-1.el9 (AXSA:2023-4788:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4788:01 advisory. samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request CVE-2022-32746 Tenable has extracted the preceding...

MiracleLinux 9 : pixman-0.40.0-6.el9_3 (AXSA:2023-7051:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7051:01 advisory. pixman: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write CVE-2022-44638 Tenable has extracted the preceding description block...

MiracleLinux 7 : open-vm-tools-11.0.5-3.el7.6 (AXSA:2023-6175:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6175:05 advisory. open-vm-tools: authentication bypass vulnerability in the vgauth module CVE-2023-20867 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : golang-1.19.10-1.el9, go-toolset-1.19.10-1.el9 (AXSA:2023-6174:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6174:04 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...

MiracleLinux 8 : tang-7-8.el8 (AXSA:2023-7186:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7186:03 advisory. tang: Race condition exists in the key generation and rotation functionality CVE-2023-1672 Tenable has extracted the preceding description block directly fro...

MiracleLinux 9 : dmidecode-3.3-7.el9.1 (AXSA:2023-6397:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6397:01 advisory. dmidecode: dump-bin to overwrite a local file CVE-2023-30630 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : ImageMagick-6.9.10.68-7.el7 (AXSA:2023-6474:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6474:01 advisory. ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS CVE-2021-40211 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : frr-7.5.1-7.el8.2.ML.1 (AXSA:2023-6437:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6437:06 advisory. frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router CVE-2023-38802 Tenable has extracted the preceding...

MiracleLinux 8 : thunderbird-102.7.1-1.el8.ML.1 (AXSA:2023-4905:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4905:03 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...

MiracleLinux 8 : firefox-102.10.0-1.el8.ML.1 (AXSA:2023-5298:15)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5298:15 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory Corruption...

MiracleLinux 9 : liblouis-3.16.1-5.el9 (AXSA:2023-6663:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6663:01 advisory. liblouis: buffer overflow in loulogFile function at logginc.c CVE-2023-26767 liblouis: buffer overflow in lousetDataPath CVE-2023-26768 liblouis:...

MiracleLinux 9 : nodejs-16.20.2-1.el9 (AXSA:2023-6490:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6490:04 advisory. nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs: Permissions policies can impersonate other modules in using...

MiracleLinux 9 : curl-7.76.1-23.el9.4 (AXSA:2023-6515:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6515:13 advisory. curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file CVE-2023-38546 Tenable has...

MiracleLinux 9 : freeradius-3.0.21-37.el9 (AXSA:2023-5499:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5499:02 advisory. freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on unknown option in EAP-SIM CVE-2022-41860 freeradius: Crash on invalid...

MiracleLinux 8 : edk2-20220126gitbb1bba3d77-4.el8 (AXSA:2023-5950:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5950:03 advisory. openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA Decryption implementation CVE-2022-4304...

MiracleLinux 9 : dbus-1.12.20-7.el9 (AXSA:2023-4874:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4874:04 advisory. dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets CVE-2022-42010 dbus: dbus-daemon can be...