MiracleLinux 8 : httpd:2.4 (AXSA:2023-6424:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6424:01 advisory. httpd: modproxyuwsgi HTTP response splitting CVE-2023-27522 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : httpd-2.4.57-11.el9_4 (AXSA:2024-8602:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8602:02 advisory. httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer...

MiracleLinux 8 : httpd:2.4 (AXSA:2021-2774:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2774:01 advisory. httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF'...

MiracleLinux 8 : httpd:2.4 (AXSA:2022-3019:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3019:01 advisory. httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : httpd-2.4.6-97.4.0.1.el7.AXS7 (AXSA:2022-2982:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2982:01 advisory. httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 httpd: modsession: Heap overflow via a crafted SessionHeader...

MiracleLinux 7 : keycloak-httpd-client-install-0.8-1.el7 (AXSA:2019-4175:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4175:01 advisory. keycloak-httpd-client-install: unsafe /tmp log file in --log-file option in keycloakcli.py CVE-2017-15111 keycloak-httpd-client-install: unsafe use ...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

MiracleLinux 7 : httpd-2.4.6-97.5.0.1.el7.AXS7 (AXSA:2022-3128:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3128:02 advisory. httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 Tenable has extracted the preceding description...

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.5 (AXSA:2022-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3871:03 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: NULL...

MiracleLinux 8 : httpd:2.4 (AXSA:2021-2541:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2541:01 advisory. httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF'...

MiracleLinux 8 : httpd:2.4 (AXSA:2022-4399:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4399:01 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of uninitialized value of in r:parsebody CVE-2022-22719 httpd: core:...

MiracleLinux 8 : httpd:2.4 (AXSA:2022-2988:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2988:01 advisory. httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Miracle Linux CVE-2021-20325 Tenable has extracted the preceding description block...

MiracleLinux 9 : httpd-2.4.62-1.el9 (AXSA:2024-9215:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9215:08 advisory. httpd: HTTP response splitting CVE-2023-38709 httpd: HTTP Response Splitting in multiple modules CVE-2024-24795 Tenable has extracted the preceding...

MiracleLinux 7 : subversion-1.7.14-14.el7 (AXEA:2018-2733:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXEA:2018-2733:01 advisory. - modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access,...

MiracleLinux 7 : httpd24-httpd-2.4.34-22.el7.1 (AXSA:2021-2460:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2460:01 advisory. httpd: modproxy: SSRF via a crafted request uri-path containing unix: CVE-2021-40438 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : httpd24-httpd-2.4.25-9.el7 (AXSA:2017-1638:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1638:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2016-0736 RESERVED This...

MiracleLinux 7 : httpd24-httpd-2.4.25-9.el7.1 (AXSA:2017-2226:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2226:02 advisory. It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related t...

MiracleLinux 8 : httpd:2.4 (AXSA:2022-3127:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3127:01 advisory. httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 Tenable has extracted the preceding description...

MiracleLinux 4 : httpd24-httpd-2.4.34-7.AXS4.1 (AXSA:2019-3830:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3830:01 advisory. httpd: privilege escalation from modules scripts CVE-2019-0211 modauthmellon: authentication bypass in ECP flow CVE-2019-3878 Tenable has extracted...

MiracleLinux 7 : httpd24-nghttp2-1.7.1-7.el7, httpd24-curl-7.61.1-1.el7, httpd24-httpd-2.4.34-7.el7 (AXSA:2019-3739:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3739:01 advisory. httpd: Improper handling of headers in modsession can allow a remote user to modify session data for CGI applications CVE-2018-1283 httpd: Out of...