MiracleLinux 9 : zlib-1.2.11-31.el9.1 (AXSA:2022-3946:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3946:07 advisory. zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 Tenable has extracted the preceding description block directly fr...

MiracleLinux 8 : libexif-0.6.22-4.el8 (AXSA:2021-1093:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1093:01 advisory. libexif: out of bounds write in exif-data.c CVE-2019-9278 libexif: out of bounds read due to a missing bounds check in exifdatasavedataentry functio...

MiracleLinux 7 : libosinfo-1.1.0-5.el7 (AXSA:2020-4560:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4560:01 advisory. Libosinfo: osinfo-install-script option leaks password via command line argument CVE-2019-13313 Tenable has extracted the preceding description block directl...

MiracleLinux 8 : mingw-expat-2.4.8-1.el8 (AXSA:2022-4252:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4252:02 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in...

MiracleLinux 8 : firefox-91.2.0-4.el8.ML.1 (AXSA:2021-2461:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2461:28 advisory. Mozilla: Use-after-free in MessageTask CVE-2021-38496 Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.382.b05-2.el8 (AXSA:2023-6261:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6261:16 advisory. OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 83044...

MiracleLinux 9 : firefox-115.10.0-1.el9_3.ML.1 (AXSA:2024-7710:16)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7710:16 advisory. GetBoundName in the JIT returned the wrong object CVE-2024-3852 Out-of-bounds-read after mis-optimized switch statement CVE-2024-3854 Incorrect...

MiracleLinux 9 : kernel-5.14.0-284.30.1.el9_2 (AXSA:2023-6421:25)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6421:25 advisory. kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel: netfilter:...

MiracleLinux 8 : firefox-115.13.0-3.el8_10.ML.1 (AXSA:2024-8566:25)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8566:25 advisory. Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 CVE-2024-6604 Mozilla: Race condition in permission...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.3 (AXSA:2024-8606:19)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8606:19 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : nodejs:18 (AXSA:2024-7654:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7654:01 advisory. nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 nodejs: vulnerable to timing variant of th...

MiracleLinux 8 : dotnet6.0-6.0.132-1.el8_10.ML.1 (AXSA:2024-8570:14)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8570:14 advisory. dotnet: DoS when parsing X.509 Content and ObjectIdentifiers CVE-2024-38095 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : gtk3-3.22.30-8.0.1.el7.AXS7 (AXSA:2024-8937:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8937:02 advisory. CVE-2024-6655: fix loading library from unstrusted search path CVEs: CVE-2024-6655 A flaw was found in the GTK library. Under certain conditions, it is...

MiracleLinux 9 : python3.11-3.11.9-7.el9 (AXSA:2024-9265:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9265:28 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: cpython: Iterating over a malicious ZIP fil...

MiracleLinux 9 : firefox-91.13.0-1.el9.ML.1 (AXSA:2022-4048:34)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4048:34 advisory. Mozilla: Address bar spoofing via XSLT error handling CVE-2022-38472 Mozilla: Cross-origin XSLT Documents would have inherited the parent's...

MiracleLinux 8 : zlib-1.2.11-19.el8 (AXSA:2022-3921:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3921:04 advisory. zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field CVE-2022-37434 Tenable has extracted the...

MiracleLinux 9 : poppler-21.01.0-14.el9 (AXSA:2023-5617:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5617:02 advisory. poppler: integer overflow in JBIG2 decoder using malformed files CVE-2022-38784 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : libmaxminddb-1.2.0-10.el8_9.1 (AXSA:2024-7509:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7509:01 advisory. libmaxminddb: improper initialization in dumpentrydatalist in maxminddb.c CVE-2020-28241 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : kernel-4.18.0-372.13.1.el8_6 (AXSA:2022-3780:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3780:12 advisory. kernel: buffer overflow in IPsec ESP transformation code CVE-2022-27666 kernel: out-of-bounds read in fbcongetfont function CVE-2020-28915 Tenable h...

MiracleLinux 9 : libnbd-1.18.1-4.el9_4 (AXSA:2024-8825:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8825:02 advisory. libnbd: NBD server improper certificate validation CVE-2024-7383 Tenable has extracted the preceding description block directly from the MiracleLinux securit...