MiracleLinux 8 : firefox-91.10.0-1.el8.ML.1 (AXSA:2022-3739:18)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3739:18 advisory. Mozilla: Cross-Origin resource's length leaked CVE-2022-31736 Mozilla: Heap buffer overflow in WebGL CVE-2022-31737 Mozilla: Browser window spoof...

MiracleLinux 9 : podman-4.6.1-7.el9_3 (AXSA:2023-7058:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7058:08 advisory. golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-29409 golang: html/template: improper handling of...

MiracleLinux 7 : libsrtp-1.4.4-11.20101004cvs.el7 (AXSA:2020-568:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-568:01 advisory. libsrtp: improper handling of CSRC count and extension header length in RTP header CVE-2015-6360 libsrtp: buffer overflow in application of crypto...

MiracleLinux 9 : cyrus-imapd-3.4.8-1.el9 (AXSA:2024-9200:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9200:03 advisory. cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 Tenable has extracted the preceding description block...

MiracleLinux 9 : exfatprogs-1.2.2-2.el9 (AXSA:2024-7812:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7812:01 advisory. exfatprogs: exfatprogs allows out-of-bounds memory access CVE-2023-45897 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : dotnet8.0-8.0.110-1.el9_4.ML.1 (AXSA:2024-8897:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8897:18 advisory. dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution CVE-2024-38229 dotnet: Multiple .NET componen...

MiracleLinux 9 : jose-14-1.el9 (AXSA:2024-9219:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9219:02 advisory. jose: resource exhaustion CVE-2024-28176 jose: Denial of service due to uncontrolled CPU consumption CVE-2023-50967 Tenable has extracted the...

MiracleLinux 9 : golang-1.20.12-1.el9_3 (AXSA:2024-7583:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7583:01 advisory. golang: net/http/internal: Denial of Service DoS via Resource Consumption via HTTP requests CVE-2023-39326 golang: cmd/go: Protocol Fallback when...

MiracleLinux 8 : emacs-26.1-9.el8 (AXSA:2023-5965:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5965:05 advisory. emacs: ctags local command execution vulnerability CVE-2022-45939 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 8 : libtiff-4.0.9-29.el8 (AXSA:2023-6460:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6460:07 advisory. libtiff: out-of-bounds write in extractContigSamplesShifted16bits in tools/tiffcrop.c CVE-2023-0800 libtiff: out-of-bounds write in TIFFmemcpy in...

MiracleLinux 9 : ghostscript-9.54.0-10.el9 (AXSA:2023-6481:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6481:03 advisory. ghostscript: vulnerable to OS command injection due to mishandles permission validation for pipe devices CVE-2023-36664 Tenable has extracted the preceding...

MiracleLinux 9 : golang-1.21.11-1.el9_4 (AXSA:2024-8506:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8506:06 advisory. golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped...

MiracleLinux 7 : bluez-5.44-7.el7 (AXSA:2020-565:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-565:03 advisory. bluez: Improper access control in subsystem could result in privilege escalation and DoS CVE-2020-0556 Tenable has extracted the preceding description block...

MiracleLinux 9 : golang-1.17.12-1.el9, go-toolset-1.17.12-1.el9 (AXSA:2022-4035:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4035:01 advisory. golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: net/http: improper sanitization of Transfer-Encoding header...

MiracleLinux 8 : openjpeg2-2.4.0-5.el8 (AXSA:2022-4149:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4149:01 advisory. openjpeg: segmentation fault in opj2decompress due to uninitialized pointer CVE-2022-1122 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : nodejs-16.20.2-4.el9_3 (AXSA:2024-7625:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7625:01 advisory. nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 Tenable has extracted the preceding description blo...

MiracleLinux 7 : ipa-4.6.8-5.16.0.1.el7.AXS7 (AXSA:2024-7410:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7410:02 advisory. ipa: Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : pcs-0.10.12-6.el8.2.ML.1 (AXSA:2022-3795:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3795:05 advisory. pcs: obtaining an authentication token for hacluster user could lead to privilege escalation CVE-2022-2735 Tenable has extracted the preceding description...

MiracleLinux 7 : spice-gtk-0.35-5.el7.1, spice-0.14.0-9.el7.1 (AXSA:2020-682:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-682:05 advisory. spice: multiple buffer overflow vulnerabilities in QUIC decoding code CVE-2020-14355 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : dotnet6.0-6.0.124-1.el9.ML.1 (AXSA:2023-6561:26)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6561:26 advisory. dotnet: Denial of Service with Client Certificates using .NET Kestrel CVE-2023-36799 Tenable has extracted the preceding description block directly from the...