MiracleLinux 7 : zlib-1.2.7-21.el7 (AXSA:2023-5213:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5213:04 advisory. zlib: heap-based buffer over-read and overflow in inflate in inflate.c via a large gzip header extra field CVE-2022-37434 Tenable has extracted the preceding...

MiracleLinux 7 : pki-core-10.5.18-24.el7 (AXSA:2022-4313:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4313:05 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : 389-ds-base-1.3.10.2-12.el7 (AXSA:2021-1847:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1847:03 advisory. 389-ds-base: information disclosure during the binding of a DN CVE-2020-35518 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : libwmf-0.2.8.4-44.el7 (AXSA:2020-679:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-679:03 advisory. gd: double free in the gdImagePtr in gdgifout.c, gdjpeg.c, and gdwbmp.c CVE-2019-6978 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : postgresql-9.2.24-6.el7 (AXSA:2021-1738:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1738:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.312.b07-1.el7 (AXSA:2021-2489:11)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2489:11 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.422.b05-1.0.1.el7.AXS7 (AXSA:2024-8735:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8735:15 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 7 : nss-3.53.1-7.el7 (AXSA:2021-1732:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1732:03 advisory. nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 7 : rh-nodejs14-nodejs-14.16.0-1.el7 (AXSA:2021-1590:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1590:02 advisory. nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 nodejs: DNS rebinding in --inspect CVE-2021-22884 Tenable has...

MiracleLinux 7 : tomcat-7.0.76-15.el7 (AXSA:2020-627:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-627:03 advisory. tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS CVE-2020-13935 tomcat: session fixation when using FORM...

MiracleLinux 7 : tigervnc-1.8.0-24.el7, xorg-x11-server-1.20.4-22.el7 (AXSA:2023-5028:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5028:01 advisory. xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation CVE-2023-0494 Tenable has extracted the preceding description block...

MiracleLinux 7 : 389-ds-base-1.3.10.2-17.el7 (AXSA:2022-3917:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3917:03 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 7 : php-5.4.16-48.0.3.el7.AXS7 (AXSA:2024-9004:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9004:04 advisory. CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer CVEs: CVE-2024-8925 In PHP versions 8.1...

MiracleLinux 7 : unbound-1.6.6-5.0.1.el7.AXS7 (AXSA:2024-8714:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8714:05 advisory. CVE-2023-50387: enhanced DNS resolver performance and stability by optimizing the handling of DNSSEC responses, reducing the potential for resource exhaustio...

MiracleLinux 7 : pango-1.42.4-4.el7 (AXSA:2020-060:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-060:01 advisory. pango: pangolog2visgetembeddinglevels heap-based buffer overflow CVE-2019-1010238 CVE-2019-1010238 Gnome Pango 1.42 and later is affected by: Buffer Overflow...

MiracleLinux 7 : httpd-2.4.6-97.2.0.1.el7.AXS7 (AXSA:2021-2543:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2543:02 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Bug Fixes: proxy rewrite to unix socket fails with...

MiracleLinux 7 : firefox-91.10.0-1.0.1.el7.AXS7 (AXSA:2022-3202:14)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3202:14 advisory. Mozilla: Cross-Origin resource's length leaked CVE-2022-31736 Mozilla: Heap buffer overflow in WebGL CVE-2022-31737 Mozilla: Browser window spoof...

MiracleLinux 7 : flatpak-1.0.9-13.0.1.el7.AXS7 (AXSA:2024-8901:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8901:07 advisory. CVE-2024-42472: access to files outside sandbox for apps using persistent directories CVEs: CVE-2024-42472 Flatpak is a Linux application sandboxing and...

MiracleLinux 7 : xorg-x11-server-1.20.4-24.el7 (AXSA:2023-6568:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6568:06 advisory. xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 Tenable has extracted the preceding description block...

MiracleLinux 7 : rh-ruby27-ruby-2.7.6-131.el7 (AXSA:2022-3889:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3889:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...