MiracleLinux 8 : dotnet5.0-5.0.206-1.el8.ML.1 (AXSA:2021-2360:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2360:10 advisory. dotnet: ASP.NET Core WebSocket frame processing DoS CVE-2021-26423 dotnet: Dump file created world-readable CVE-2021-34485 dotnet: ASP.NET Core JWT...

MiracleLinux 8 : postgresql:10 (AXSA:2024-7566:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7566:01 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block...

MiracleLinux 8 : flatpak-1.12.9-1.el8_10 (AXSA:2024-8476:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8476:06 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : zziplib-0.13.71-11.el9 (AXSA:2024-7802:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7802:01 advisory. zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 Tenable has extracted the preceding description block directly from t...

MiracleLinux 8 : thunderbird-102.3.0-4.el8.ML.1 (AXSA:2022-3907:14)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3907:14 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : xorg-x11-server-1.20.11-23.el8 (AXSA:2024-8367:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8367:09 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...

MiracleLinux 8 : java-11-openjdk-11.0.18.0.10-2.el8 (AXSA:2023-4810:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4810:01 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 8 : libgcrypt-1.8.5-6.el8 (AXSA:2021-2604:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2604:02 advisory. libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm CVE-2021-33560 Tenable has...

MiracleLinux 7 : bind-9.11.4-26.P2.13.0.1.el7.AXS7 (AXSA:2023-4859:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4859:03 advisory. bind: DNS forwarders - cache poisoning vulnerability CVE-2021-25220 bind: processing large delegations may severely degrade resolver performance...

MiracleLinux 9 : firefox-115.9.1-1.el9.ML.1 (AXSA:2024-7642:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7642:12 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Mozilla: Crash in NSS TLS method CVE-2024-0743 Mozilla: JIT code failed to save return...

MiracleLinux 7 : firefox-91.10.0-1.0.1.el7.AXS7 (AXSA:2022-3202:14)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3202:14 advisory. Mozilla: Cross-Origin resource's length leaked CVE-2022-31736 Mozilla: Heap buffer overflow in WebGL CVE-2022-31737 Mozilla: Browser window spoof...

MiracleLinux 8 : librsvg2-2.42.7-4.0.1.el8 (AXSA:2021-1255:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1255:01 advisory. librsvg: Resource exhaustion via crafted SVG file with nested patterns CVE-2019-20446 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : libsolv-0.7.16-3.el8 (AXSA:2021-2517:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2517:03 advisory. libsolv: heap-based buffer overflow in poolinstallable in src/repo.h CVE-2021-33928 libsolv: heap-based buffer overflow in pooldisabledsolvable in...

MiracleLinux 9 : podman-4.4.1-3.el9 (AXSA:2023-5638:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5638:04 advisory. golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 golang: crypto/tls: session tickets lack random...

MiracleLinux 8 : firefox-91.9.1-1.el8.ML.2 (AXSA:2022-3726:17)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3726:17 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 9 : httpd-2.4.57-11.el9_4 (AXSA:2024-8602:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8602:02 advisory. httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer...

MiracleLinux 7 : bind-9.11.4-26.P2.5.0.1.el7.AXS7 (AXSA:2021-1734:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1734:06 advisory. bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215 Tenable h...

MiracleLinux 8 : samba-4.13.3-5.el8 (AXSA:2021-2516:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2516:05 advisory. samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token CVE-2021-20254 Tenable has extracted the precedi...

MiracleLinux 9 : curl-7.76.1-29.el9_4.1 (AXSA:2024-8698:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8698:05 advisory. curl: HTTP/2 push headers memory-leak CVE-2024-2398 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 9 : subversion-1.14.1-5.el9 (AXSA:2022-3973:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3973:01 advisory. subversion: Subversion's moddavsvn is vulnerable to memory corruption CVE-2022-24070 Tenable has extracted the preceding description block directly from the...