MiracleLinux 9 : tomcat-9.0.87-1.el9_4.1 (AXSA:2024-8150:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8150:07 advisory. Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes and...

MiracleLinux 9 : python3.11-3.11.9-7.el9 (AXSA:2024-9265:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9265:28 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: cpython: Iterating over a malicious ZIP fil...

MiracleLinux 4 : freerdp-1.0.2-7.AXS4 (AXSA:2020-112:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-112:03 advisory. freerdp: Out-of-bounds write in cryptorsacommon in libfreerdp/crypto/crypto.c CVE-2020-13398 Tenable has extracted the preceding description block directly fr...

MiracleLinux 8 : thunderbird-102.15.1-1.el8.ML.1 (AXSA:2023-6445:26)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6445:26 advisory. libwebp: Heap buffer overflow in WebP Codec CVE-2023-4863 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : tomcat-9.0.62-37.el9_3.1 (AXSA:2024-7474:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7474:03 advisory. tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows...

MiracleLinux 8 : pki-deps:10.6 (AXSA:2021-2278:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2278:01 advisory. resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class CVE-2020-1695 Tenable has extracted the preceding description block...

MiracleLinux 7 : kernel-3.10.0-1160.42.2.el7 (AXSA:2021-2411:20)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2411:20 advisory. kernel: use-after-free in route4change in net/sched/clsroute.c CVE-2021-3715 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : kernel-4.18.0-348.2.1.el8_5 (AXSA:2021-2884:27)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2884:27 advisory. kernel: Insufficient validation of user-supplied sizes for the MSGCRYPTO message type CVE-2021-43267 kernel: timer tree corruption leads to missing...

MiracleLinux 8 : bubblewrap-0.4.0-2.el8_10, flatpak-1.12.9-3.el8_10 (AXSA:2024-8785:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8785:01 advisory. flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : container-tools:1.0 (AXSA:2020-294:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-294:01 advisory. QEMU: slirp: OOB buffer access while emulating tcp protocols in tcpemu CVE-2020-7039 Modularity name: container-tools Stream name: 1.0 Tenable has extracted t...

MiracleLinux 7 : gegl-0.2.0-19.el7.1 (AXSA:2022-2991:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-2991:01 advisory. gegl: shell expansion via a crafted pathname CVE-2021-45463 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : rh-postgresql12-postgresql-12.11-1.el7 (AXSA:2022-3203:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3203:01 advisory. postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Tenable has extracted the preceding description block...

MiracleLinux 8 : libxml2-2.9.7-8.el8 (AXSA:2020-1001:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1001:04 advisory. libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-19956 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c...

MiracleLinux 9 : vim-8.2.2637-16.el9.2 (AXSA:2022-3986:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3986:05 advisory. vim: Use of Out-of-range Pointer Offset in vim CVE-2022-0554 vim: Heap-based Buffer Overflow occurs in vim CVE-2022-0943 vim: Out-of-range Pointer...

MiracleLinux 9 : thunderbird-115.9.0-1.el9_3.ML.1 (AXSA:2024-7671:09)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7671:09 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Mozilla: Crash in NSS TLS method CVE-2024-0743 Mozilla: Leaking of encrypted email subjects ...

MiracleLinux 9 : runc-1.1.4-1.el9 (AXSA:2023-4702:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4702:01 advisory. runc: incorrect handling of inheritable capabilities CVE-2022-29162 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : oci-seccomp-bpf-hook-1.2.10-2.el9 (AXSA:2024-9099:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9099:02 advisory. golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.1 (AXSA:2022-3021:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3021:01 advisory. httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : libtiff-4.0.3-35.0.1.el7.AXS7 (AXSA:2024-8709:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8709:04 advisory. CVE-2023-52356: added proper validation and boundary checks to prevent the SEGV and potential heap-buffer overflow CVE-2023-52355: added functionali...

MiracleLinux 8 : sssd-2.9.4-3.el8 (AXSA:2024-8333:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8333:06 advisory. sssd: Race condition during authorization leads to GPO policies functioning inconsistently CVE-2023-3758 Tenable has extracted the preceding description bloc...