MiracleLinux 9 : pki-core-11.0.6-2.el9.ML.1 (AXSA:2023-5106:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5106:02 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : firefox-78.10.0-1.0.1.el7 (AXSA:2021-1724:11)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1724:11 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 4 : php-5.3.3-50.AXS4 (AXSA:2019-4373:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4373:01 advisory. php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : expat-2.2.5-8.el8.3 (AXSA:2022-3891:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3891:07 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : jose-10-2.el8_10.3 (AXSA:2024-8659:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8659:01 advisory. jose: resource exhaustion CVE-2024-28176 jose: Denial of service due to uncontrolled CPU consumption CVE-2023-50967 Tenable has extracted the...

MiracleLinux 8 : thunderbird-91.10.0-1.el8.ML.1 (AXSA:2022-3742:09)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3742:09 advisory. Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-1834 Mozilla: Cross-Origin resource...

MiracleLinux 8 : ruby:2.5 (AXSA:2022-3066:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3066:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 Tenable has extracted the preceding...

MiracleLinux 8 : stunnel-5.56-5.el8 (AXSA:2021-1521:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1521:02 advisory. stunnel: client certificate not correctly verified when redirect and verifyChain options are used CVE-2021-20230 Tenable has extracted the preceding...

MiracleLinux 9 : transfig-3.2.7b-11.el9_7 (AXSA:2026-046:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-046:01 advisory. xfig: xfig: Stack-overflow allows possible code execution via local input manipulation CVE-2025-46397 Tenable has extracted the preceding description block...

MiracleLinux 9 : thunderbird-91.9.1-1.el9.ML.1 (AXSA:2022-4007:17)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4007:17 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 8 : java-11-openjdk-11.0.24.0.8-3.el8 (AXSA:2024-8581:14)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8581:14 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 8 : thunderbird-78.10.0-1.0.1.el8 (AXSA:2021-1726:09)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1726:09 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 9 : firefox-102.11.0-2.el9.ML.1 (AXSA:2023-6024:19)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6024:19 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

MiracleLinux 8 : thunderbird-91.2.0-1.el8.ML.1 (AXSA:2021-2482:19)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2482:19 advisory. Mozilla: Use-after-free in MessageTask CVE-2021-38496 Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2...

MiracleLinux 9 : python-urllib3-1.26.5-3.el9_3.1 (AXSA:2024-7481:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7481:02 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 urllib3: Request body not stripped after redirect...

MiracleLinux 9 : fribidi-1.0.10-6.el9.2 (AXSA:2022-4472:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4472:02 advisory. fribidi: Stack based buffer overflow CVE-2022-25308 fribidi: Heap-buffer-overflow in fribidicaprtltounicode CVE-2022-25309 fribidi: SEGV in...

MiracleLinux 9 : thunderbird-102.14.0-1.el9.ML.1 (AXSA:2023-6344:22)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6344:22 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 9 : openexr-3.1.1-2.el9.1 (AXSA:2024-9242:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9242:02 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : curl-7.61.1-22.el8.4 (AXSA:2022-3789:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3789:02 advisory. curl: HTTP compression denial of service CVE-2022-32206 curl: FTP-KRB bad message verification CVE-2022-32208 Tenable has extracted the preceding...

MiracleLinux 7 : OpenEXR-1.7.1-8.el7 (AXSA:2020-656:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-656:02 advisory. OpenEXR: out-of-bounds read during Huffman uncompression CVE-2020-11761 OpenEXR: std::vector out-of-bounds read and write in ImfTileOffsets.cpp...