MiracleLinux 4 : firefox-68.9.0-1.0.1.AXS4 (AXSA:2020-118:12)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-118:12 advisory. Mozilla: Use-after-free in SharedWorkerService CVE-2020-12405 Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12406 Mozilla: Memory safe...

MiracleLinux 8 : device-mapper-multipath-0.8.4-22.el8.2 (AXSA:2022-3923:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3923:05 advisory. device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Tenable has extract...

MiracleLinux 7 : python-2.7.5-94.0.4.el7.AXS7 (AXSA:2024-8942:49)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8942:49 advisory. CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value. CVEs: CVE-2024-7592 There is a LOW...

MiracleLinux 9 : NetworkManager-1.48.10-2.el9.ML.1 (AXSA:2024-9183:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9183:16 advisory. NetworkManager: Denial of Service CVE-2024-6501 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 4 : xterm-253-1.0.1.AXS4 (AXSA:2021-1537:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1537:02 advisory. xterm: crash when processing combining characters CVE-2021-27135 CVEs: CVE-2021-27135 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : libxml2-2.9.1-6.5.0.1.el7.AXS7 (AXSA:2020-765:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-765:03 advisory. libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-19956 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2022-3717:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3717:01 advisory. golang: encoding/pem: fix stack overflow in Decode CVE-2022-24675 golang: crypto/elliptic: panic caused by oversized scalar CVE-2022-28327 golang:...

MiracleLinux 8 : python27:2.7 (AXSA:2022-4445:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4445:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107. Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : python-pillow-2.0.0-25.gitd1c6db8.el7 (AXSA:2024-7532:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7532:02 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : kernel-4.18.0-553.22.1.el8_10 (AXSA:2024-9035:37)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9035:37 advisory. CVE-2023-6040 CVE-2024-26595 CVE-2024-26600 CVE-2021-46984 CVE-2023-52478 CVE-2023-52476 CVE-2023-52522 CVE-2021-47101 CVE-2021-47097 CVE-2023-52605...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2023-4765:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4765:01 advisory. QEMU: QXL: qxlphys2virt unsafe address translation can lead to out-of-bounds read CVE-2022-4144 Tenable has extracted the preceding description block directl...

MiracleLinux 9 : kernel-5.14.0-427.42.1.el9_4 (AXSA:2024-8960:35)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8960:35 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix da...

MiracleLinux 7 : firefox-115.11.0-1.0.1.el7.AXS7 (AXSA:2024-7743:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7743:18 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

MiracleLinux 8 : cockpit-composer-45-1.el8, osbuild-composer-75-1.el8.ML.1, osbuild-81-1.el8.ML.1, weldr-client-35.9-2.el8 (AXSA:2023-6087:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6087:04 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2022-4457:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4457:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : container-tools:4.0 (AXSA:2023-7317:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7317:01 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...

MiracleLinux 9 : python3.9-3.9.14-1.el9 (AXSA:2022-4524:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4524:02 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 python: open redirection vulnerability in lib/http/server.p...

MiracleLinux 9 : containernetworking-plugins-1.2.0-1.el9 (AXSA:2023-5584:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5584:01 advisory. golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 golang: crypto/tls: session...

MiracleLinux 8 : kernel-4.18.0-553.8.1.el8_10 (AXSA:2024-8548:20)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8548:20 advisory. kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel:TCP-spoofed ghost ACKs and leak leak...

MiracleLinux 8 : python3-3.6.8-48.el8.1.ML.1 (AXSA:2023-5156:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5156:02 advisory. python: int type in PyLongFromString does not limit amount of digits converting text to int leading to DoS CVE-2020-10735 python: open redirection...