MiracleLinux 9 : sqlite-3.34.1-6.el9 (AXSA:2023-4888:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4888:02 advisory. sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API CVE-2022-35737 Tenable has extracted the preceding description...

MiracleLinux 7 : dpdk-18.11.8-2.el7 (AXSA:2023-4760:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4760:01 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 Tenable has extracted the preceding description block...

MiracleLinux 7 : rh-python38-python-psutil-5.6.4-5.el7, rh-python38-python-urllib3-1.25.7-6.el7 (AXSA:2021-1435:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1435:01 advisory. python-psutil: double free because of refcount mishandling CVE-2019-18874 python-urllib3: CRLF injection via HTTP request method CVE-2020-26137...

MiracleLinux 8 : thunderbird-91.10.0-1.el8.ML.1 (AXSA:2022-3742:09)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3742:09 advisory. Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-1834 Mozilla: Cross-Origin resource...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.362.b08-1.el7 (AXSA:2023-4855:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4855:02 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 8 : gcc-toolset-10-annobin-9.29-1.el8.2, gcc-toolset-10-gcc-10.3.1-1.2.el8 (AXSA:2021-2881:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2881:01 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

MiracleLinux 4 : xterm-253-1.0.1.AXS4 (AXSA:2021-1537:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1537:02 advisory. xterm: crash when processing combining characters CVE-2021-27135 CVEs: CVE-2021-27135 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : mutt-1.5.21-29.el7 (AXSA:2020-4539:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4539:01 advisory. mutt: IMAP header caching path traversal vulnerability CVE-2018-14355 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : tcpdump-4.9.3-2.el8 (AXSA:2021-2659:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2659:02 advisory. tcpdump: ppp decapsulator can be convinced to allocate a large amount of memory CVE-2020-8037 Tenable has extracted the preceding description block directly...

MiracleLinux 4 : firefox-68.9.0-1.0.1.AXS4 (AXSA:2020-118:12)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-118:12 advisory. Mozilla: Use-after-free in SharedWorkerService CVE-2020-12405 Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12406 Mozilla: Memory safe...

MiracleLinux 9 : libguestfs-winsupport-9.2-1.el9 (AXSA:2023-5849:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5849:01 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfsgetattributevalue...

MiracleLinux 8 : flatpak-builder-1.0.14-2.el8 (AXSA:2022-4428:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4428:01 advisory. flatpak: flatpak-builder --mirror-screenshots-url can access files outside the build directory CVE-2022-21682 Tenable has extracted the preceding description...

MiracleLinux 8 : device-mapper-multipath-0.8.4-22.el8.2 (AXSA:2022-3923:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3923:05 advisory. device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Tenable has extract...

MiracleLinux 9 : NetworkManager-1.48.10-2.el9.ML.1 (AXSA:2024-9183:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9183:16 advisory. NetworkManager: Denial of Service CVE-2024-6501 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 7 : tomcat-7.0.76-16.0.1.el7.AXS7 (AXSA:2024-8731:12)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8731:12 advisory. Fix file path bug introduced by the CVE-2021-25329 fix CVEs: CVE-2021-25329 The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to...

MiracleLinux 7 : python-2.7.5-94.0.4.el7.AXS7 (AXSA:2024-8942:49)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8942:49 advisory. CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value. CVEs: CVE-2024-7592 There is a LOW...

MiracleLinux 4 : thunderbird-78.10.0-1.0.1.AXS4 (AXSA:2021-1718:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1718:08 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 4 : xorg-x11-server-1.17.4-18.0.1.AXS4 (AXSA:2020-944:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-944:01 advisory. xorg-x11-server: Out-of-bounds access in XkbSetNames function CVE-2020-14345 xorg-x11-server: Integer underflow in the X input extension protocol...

MiracleLinux 8 : [security - high] nodejs:16 (AXSA:2022-3898:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3898:01 advisory. nodejs: weak randomness in WebCrypto keygen CVE-2022-35255 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields CVE-2022-35256...

MiracleLinux 9 : firefox-115.6.0-1.el9_3.ML.1 (AXSA:2024-7350:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7350:02 advisory. Mozilla: Heap-buffer-overflow affecting WebGLDrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in...