MiracleLinux 8 : flatpak-builder-1.0.14-2.el8 (AXSA:2022-4428:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4428:01 advisory. flatpak: flatpak-builder --mirror-screenshots-url can access files outside the build directory CVE-2022-21682 Tenable has extracted the preceding description...

MiracleLinux 8 : ksh-20120801-253.el8 (AXSA:2020-169:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-169:04 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

MiracleLinux 9 : sqlite-3.34.1-6.el9 (AXSA:2023-4888:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4888:02 advisory. sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API CVE-2022-35737 Tenable has extracted the preceding description...

MiracleLinux 8 : postgresql:13 (AXSA:2022-2993:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2993:01 advisory. postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214...

MiracleLinux 9 : kernel-5.14.0-70.30.1.el9_0 (AXSA:2023-5105:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5105:05 advisory. posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set...

MiracleLinux 7 : pki-core-10.5.18-32.el7 (AXSA:2024-8569:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8569:03 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : python3.11-setuptools-65.5.1-2.el9_4.1 (AXSA:2024-8653:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8653:01 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2021-2808:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2808:01 advisory. buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 containers/storage: DoS via malicious image...

MiracleLinux 7 : zsh-5.0.2-34.el7.2 (AXSA:2020-4510:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4510:02 advisory. zsh: insecure dropping of privileges when unsetting PRIVILEGED option CVE-2019-20044 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : nodejs-nodemon-2.0.20-2.el9, nodejs-16.18.1-3.el9 (AXSA:2023-5057:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5057:01 advisory. minimist: prototype pollution CVE-2021-44906 nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: HTTP Request Smuggling due t...

MiracleLinux 8 : samba-4.17.5-2.el8 (AXSA:2023-5985:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5985:08 advisory. samba: GnuTLS gnutlsrnd can fail and give predictable random values CVE-2022-1615 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : kernel-4.18.0-553.5.1.el8_10 (AXSA:2024-8481:17)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8481:17 advisory. kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2023-6240 kernel: Information disclosure in...

MiracleLinux 8 : maven:3.6 (AXSA:2022-3587:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3587:01 advisory. apache-httpclient: incorrect handling of malformed authority component in request URIs CVE-2020-13956 Tenable has extracted the preceding description block...

MiracleLinux 9 : firefox-128.5.1-1.el9_5.ML.1 (AXSA:2024-9493:42)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9493:42 advisory. firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims CVE-2024-11694 firefox: thunderbird: Unhandled Exception in Add-on...

MiracleLinux 8 : nodejs:20 (AXSA:2024-7668:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7668:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...

MiracleLinux 8 : kernel-4.18.0-305.7.1.el8_4 (AXSA:2021-2251:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2251:15 advisory. kernel: use-after-free in net/bluetooth/hcievent.c when destroying an hcichan CVE-2021-33034 kernel: security bypass in certs/blacklist.c and...

MiracleLinux 9 : squid-5.5-6.el9_3.2 (AXSA:2023-7053:06)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7053:06 advisory. squid: DoS against HTTP and HTTPS CVE-2023-5824 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 9 : libguestfs-winsupport-9.2-1.el9 (AXSA:2023-5849:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5849:01 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfsgetattributevalue...

MiracleLinux 7 : tomcat-7.0.76-16.0.1.el7.AXS7 (AXSA:2024-8731:12)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8731:12 advisory. Fix file path bug introduced by the CVE-2021-25329 fix CVEs: CVE-2021-25329 The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to...

MiracleLinux 4 : xorg-x11-server-1.17.4-18.0.1.AXS4 (AXSA:2020-944:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-944:01 advisory. xorg-x11-server: Out-of-bounds access in XkbSetNames function CVE-2020-14345 xorg-x11-server: Integer underflow in the X input extension protocol...