MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2022-4457:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4457:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : python3.9-3.9.14-1.el9 (AXSA:2022-4524:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4524:02 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 python: open redirection vulnerability in lib/http/server.p...

MiracleLinux 8 : kernel-4.18.0-553.8.1.el8_10 (AXSA:2024-8548:20)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8548:20 advisory. kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel:TCP-spoofed ghost ACKs and leak leak...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.2.el7.AXS7 (AXSA:2024-8820:28)

"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8820:28 advisory. net: ice: Fix potential NULL pointer dereference in icebridgesetlink CVE-2024-26855 tty: Fix out-of-bound vmalloc access in imageblit CVE-2021-4738...

MiracleLinux 8 : python-pillow-5.1.1-18.el8_9.1.ML.1 (AXSA:2024-7539:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7539:03 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : thunderbird-78.8.0-1.0.1.el8 (AXSA:2021-1569:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1569:03 advisory. Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy...

MiracleLinux 8 : perl:5.32 security fix (AXSA:2024-8812:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8812:01 advisory. perl: Write past buffer end via illegal user-defined Unicode property CVE-2023-47038 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : ruby:2.5 (AXSA:2022-3066:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3066:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 Tenable has extracted the preceding...

MiracleLinux 9 : httpd-2.4.53-7.el9.5, mod_http2-1.15.19-3.el9.5 (AXSA:2023-5276:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5276:01 advisory. httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.5.el7.AXS7 (AXSA:2024-8953:34)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8953:34 advisory. drm/vmwgfx: Validate the box size for the snooped cursor CVE-2022-36280 USB: eneusb6250: Allocate enough memory for full object CVE-2023-45862...

MiracleLinux 8 : httpd:2.4 httpd-2.4.37-51.module+el8+1598+5e93bbc9.5.ML.1, mod_http2-1.15.7-5.module+el8+1598+5e93bbc9.4, mod_md-2.0.8-8.module+el8+1598+5e93bbc9 (AXSA:2023-5275:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5275:01 advisory. httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-4453:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4453:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : curl-7.29.0-59.el7.2 (AXSA:2023-7014:15)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7014:15 advisory. curl: Use-after-free triggered by an HTTP proxy deny response CVE-2022-43552 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : firefox-115.11.0-1.el8_10.ML.1 (AXSA:2024-8466:22)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8466:22 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

MiracleLinux 9 : curl-7.76.1-23.el9 (AXSA:2023-5467:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5467:07 advisory. curl: Incorrect handling of control code characters in cookies CVE-2022-35252 curl: Use-after-free triggered by an HTTP proxy deny response...

MiracleLinux 9 : python3.9-3.9.10-3.el9 (AXSA:2022-4535:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4535:03 advisory. python: int type in PyLongFromString does not limit amount of digits converting text to int leading to DoS CVE-2020-10735 Tenable has extracted the preceding...

MiracleLinux 9 : thunderbird-115.11.0-1.el9_4.ML.1 (AXSA:2024-8308:12)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8308:12 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

MiracleLinux 8 : kernel-4.18.0-425.3.1.el8 (AXSA:2022-4433:20)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4433:20 advisory. off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 race condition in VTRESIZEX ioctl when vcconsi.d is already NULL...

MiracleLinux 8 : python3-3.6.8-47.el8.ML.1 (AXSA:2022-3849:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3849:02 advisory. pythonmailcap: findmatch function does not sanitise the second argument CVE-2015-20107 python: urllib.parse does not sanitize URLs containing ASCII...

MiracleLinux 7 : python-pillow-2.0.0-23.gitd1c6db8.el7 (AXSA:2022-3076:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3076:01 advisory. python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions CVE-2022-22817 python-pillow: buffer over-read during initialization of...