MiracleLinux 9 : golang-1.19.10-1.el9, go-toolset-1.19.10-1.el9 (AXSA:2023-6174:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6174:04 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...

MiracleLinux 7 : samba-4.10.16-15.el7 (AXSA:2021-1874:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1874:03 advisory. samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token CVE-2021-20254 Tenable has extracted the precedi...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.251-2.6.21.0.AXS4 (AXSA:2020-4483:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4483:01 advisory. OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS Security, 8229951 CVE-2020-2601 OpenJDK: Serialization filter changes via jdk.serialFilter...

MiracleLinux 8 : libxml2-2.9.7-13.el8.1 (AXSA:2022-3668:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3668:04 advisory. libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write CVE-2022-29824 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : pki-core:10.6 (AXSA:2022-3574:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3574:01 advisory. JSS: memory leak in TLS connection leads to OOM CVE-2021-4213 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : java-17-openjdk-17.0.9.0.9-2.el8 (AXSA:2023-6546:18)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6546:18 advisory. OpenJDK: memory corruption issue on x8664 with AVX-512 8317121 CVE-2023-22025 OpenJDK: certificate path validation issue during client authenticatio...

MiracleLinux 8 : mutt-2.0.7-3.el8 (AXSA:2024-8327:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8327:02 advisory. mutt: null pointer dereference CVE-2023-4874 mutt: null pointer dereference CVE-2023-4875 Tenable has extracted the preceding description block...

MiracleLinux 8 : bind-9.11.26-6.el8 (AXSA:2021-2830:12)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2830:12 advisory. bind: Broken inbound incremental zone update IXFR can cause named to terminate unexpectedly CVE-2021-25214 Tenable has extracted the preceding description...

MiracleLinux 8 : edk2-20190829git37eef91017ad-9.el8 (AXSA:2020-915:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-915:01 advisory. edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib CVE-2019-14563 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.362.b08-1.el7 (AXSA:2023-4855:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4855:02 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 4 : thunderbird-78.10.0-1.0.1.AXS4 (AXSA:2021-1718:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1718:08 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 8 : postgresql:13 (AXSA:2022-2993:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2993:01 advisory. postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214...

MiracleLinux 7 : dpdk-18.11.8-2.el7 (AXSA:2023-4760:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4760:01 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 Tenable has extracted the preceding description block...

MiracleLinux 7 : rh-python38-python-psutil-5.6.4-5.el7, rh-python38-python-urllib3-1.25.7-6.el7 (AXSA:2021-1435:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1435:01 advisory. python-psutil: double free because of refcount mishandling CVE-2019-18874 python-urllib3: CRLF injection via HTTP request method CVE-2020-26137...

MiracleLinux 9 : kernel-5.14.0-70.30.1.el9_0 (AXSA:2023-5105:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5105:05 advisory. posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set...

MiracleLinux 8 : squid:4 (AXSA:2024-7632:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7632:01 advisory. squid: denial of service in HTTP header parser CVE-2024-25617 squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 squid: denial of...

MiracleLinux 9 : rsyslog-8.2102.0-101.el9.1 (AXSA:2022-3974:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3974:05 advisory. rsyslog: Heap-based overflow in TCP syslog server CVE-2022-24903 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 8 : mingw-expat-2.4.8-1.el8 (AXSA:2022-4252:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4252:02 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in...

MiracleLinux 9 : python-idna-2.10-7.el9_4.1 (AXSA:2024-8453:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8453:01 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 CVE-2024-3651 RESERVED Tenable has extracted th...

MiracleLinux 9 : containernetworking-plugins-1.5.1-3.el9_5 (AXSA:2024-9487:07)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9487:07 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...