MiracleLinux 9 : python3.9-3.9.16-1.el9.1 (AXSA:2023-6033:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6033:03 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.5 (AXSA:2024-8753:22)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8753:22 advisory. cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection CVE-2024-6923 Tenable has extracted the preceding...

MiracleLinux 9 : NetworkManager-libreswan-1.2.22-4.el9_5 (AXSA:2024-9430:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9430:08 advisory. NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : maven:3.6 (AXSA:2022-3738:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3738:01 advisory. maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 7 : rh-python38 (AXSA:2021-2383:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2383:01 advisory. python-cryptography: Bleichenbacher timing oracle attack against RSA decryption CVE-2020-25659 python: Unsafe use of eval on data retrieved via HTTP...

MiracleLinux 8 : gnupg2-2.2.20-3.el8 (AXSA:2022-3833:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3833:01 advisory. gpg: Signature spoofing via status line injection CVE-2022-34903 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 9 : libreoffice-7.1.8.1-12.el9_3.ML.1 (AXSA:2024-7635:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7635:01 advisory. CVE-2023-6186 libreoffice: various flaws CVE-2023-6185 libreoffice: various flaws Tenable has extracted the preceding description block directly fro...

MiracleLinux 9 : qt5-qtbase-5.15.9-10.el9_4 (AXSA:2024-8586:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8586:04 advisory. qtbase: qtbase: Delay any communication until encrypted can be responded to CVE-2024-39936 Tenable has extracted the preceding description block directly fro...

MiracleLinux 8 : unbound-1.16.2-5.el8 (AXSA:2023-5872:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5872:03 advisory. unbound: NRDelegation attack leads to uncontrolled resource consumption Non-Responsive Delegation Attack CVE-2022-3204 Tenable has extracted the preceding...

MiracleLinux 9 : thunderbird-128.4.0-1.el9_5.ML.2 (AXSA:2024-9408:29)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9408:29 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 firefox: thunderbird: History interface could have been used to...

MiracleLinux 7 : rh-ruby30-ruby-3.0.4-149.el7 (AXSA:2022-3890:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3890:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

MiracleLinux 8 : grafana-7.3.6-2.el8 (AXSA:2021-2087:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2087:03 advisory. crewjam/saml: authentication bypass in saml authentication CVE-2020-27846 grafana: XSS via a query alias for the Elasticsearch and Testdata datasour...

MiracleLinux 7 : gettext-0.19.8.1-3.el7 (AXSA:2020-4542:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4542:01 advisory. gettext: double free in defaultaddmessage in read-catalog.c CVE-2018-18751 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 7 : firefox-78.12.0-1.0.1.el7.AXS7 (AXSA:2021-2225:16)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2225:16 advisory. Mozilla: Use-after-free in accessibility features of a document CVE-2021-29970 Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12...

MiracleLinux 9 : nodejs:18 (AXSA:2024-8778:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8778:01 advisory. node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import restrictio...

MiracleLinux 4 : firefox-78.7.0-2.0.1.AXS4 (AXSA:2021-1360:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1360:03 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

MiracleLinux 8 : nodejs:18 (AXSA:2023-5259:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5259:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 http-cache-semantics: Regular Expression Denial of Service ReDoS vulnerability...

MiracleLinux 9 : mod_http2-2.0.26-2.el9_4.1 (AXSA:2024-8954:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8954:04 advisory. modhttp2: DoS by null pointer in websocket over HTTP/2 CVE-2024-36387 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : squid:4 (AXSA:2024-7336:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7336:01 advisory. squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 Tenable...

MiracleLinux 8 : cairo-1.15.12-6.el8, pixman-0.38.4-2.el8 (AXSA:2022-3446:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3446:01 advisory. cairo: libreoffice slideshow aborts with stack smashing in cairo's compositeboxes CVE-2020-35492 Tenable has extracted the preceding description block direct...