MiracleLinux 9 : firefox-91.9.1-1.el9.ML.1 (AXSA:2022-4012:30)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4012:30 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 9 : git-lfs-3.4.1-1.el9 (AXSA:2024-7894:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7894:02 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288,VU421644.3 Tenable has extracted the preceding description...

MiracleLinux 9 : git-lfs-3.2.0-1.el9 (AXSA:2023-5844:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5844:01 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: net/http/httputil: ReverseProxy should not forward...

MiracleLinux 8 : thunderbird-102.8.0-2.el8.ML.1 (AXSA:2023-5135:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5135:10 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 8 : webkit2gtk3-2.40.5-1.el8.ML.1 (AXSA:2023-7260:19)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7260:19 advisory. webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to...

MiracleLinux 8 : less-530-2.el8_9 (AXSA:2024-7645:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7645:01 advisory. less: missing quoting of shell metacharacters in LESSCLOSE handling CVE-2022-48624 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : dotnet6.0-6.0.113-1.el8.ML.1 (AXSA:2023-4751:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4751:02 advisory. dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process CVE-2023-21538 Tenable has extracted the preceding...

MiracleLinux 8 : varnish:6 (AXSA:2022-3053:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3053:01 advisory. varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : OpenIPMI-2.0.32-5.el9_4 (AXSA:2024-8899:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8899:01 advisory. openipmi: missing check on the authorization type on incoming LAN messages in IPMI simulator CVE-2024-42934 Tenable has extracted the preceding description...

MiracleLinux 7 : shim-signed-15.8-1.el7, shim-15.8-3.el7 (AXSA:2024-7742:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7742:01 advisory. shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Interger overflow leads to heap buffer overflow in...

MiracleLinux 8 : container-tools:4.0 (AXSA:2024-7735:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7735:01 advisory. buildah: full container escape at build time CVE-2024-1753 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : thunderbird-78.9.0-3.0.1.el8 (AXSA:2021-1619:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1619:04 advisory. Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23981 Mozilla: Memory safety bugs fixed in Firefox ...

MiracleLinux 8 : babel-2.5.1-7.el8 (AXSA:2021-2647:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2647:01 advisory. python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code CVE-2021-20095, CVE-2021-42771 Tenab...

MiracleLinux 7 : kernel-3.10.0-1160.49.1.el7 (AXSA:2021-2571:25)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2571:25 advisory. kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 Tenable has extracted the preceding description block directly fro...

MiracleLinux 7 : xerces-c-3.1.1-10.el7 (AXSA:2020-4490:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4490:01 advisory. xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs CVE-2018-1311 Tenable has extracted the preceding...

MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.3 (AXSA:2021-1371:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1371:01 advisory. QEMU: loader: OOB access while loading registered ROM may lead to code execution CVE-2020-13765 QEMU: reachable assertion failure in...

MiracleLinux 9 : git-2.31.1-3.el9 (AXSA:2023-4994:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4994:02 advisory. git: gitattributes parsing integer overflow CVE-2022-23521 git: Heap overflow in git archive, git log --format leading to RCE CVE-2022-41903 Tenable...

MiracleLinux 8 : opensc-0.20.0-4.el8, opensc-0.20.0-4.el8 (AXSA:2021-1949:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1949:01 advisory. opensc: heap-based buffer overflow in scoberthurreadfile CVE-2020-26570 opensc: stack-based buffer overflow in scpkcs15emugemsafeGPKinit...

MiracleLinux 4 : unbound-1.4.20-29.AXS4.1 (AXSA:2020-179:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-179:03 advisory. unbound: amplification of an incoming query into a large number of queries directed to a target CVE-2020-12662 unbound: infinite loop via malformed D...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.292.b10-0.el8 (AXSA:2021-1703:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1703:07 advisory. OpenJDK: Incomplete enforcement of JAR signing disabled algorithms 8249906 CVE-2021-2163 Tenable has extracted the preceding description block directly from...