MiracleLinux 9 : libtiff-4.4.0-7.el9 (AXSA:2023-5351:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5351:03 advisory. libtiff: heap Buffer overflows in tiffcrop.c CVE-2022-3570 libtiff: out-of-bounds write in TIFFmemcpy in libtiff/tifunix CVE-2022-3597 libtiff:...

MiracleLinux 8 : linux-firmware-20240610-122.git90df68d2.el8_10 (AXSA:2024-8543:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8543:07 advisory. kernel: Reserved fields in guest message responses may not be zero initialized CVE-2023-31346 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : python3.11-3.11.10-1.el8_10 (AXSA:2024-8969:25)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8969:25 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 9 : nghttp2-1.43.0-5.el9.1 (AXSA:2023-6518:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6518:02 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...

MiracleLinux 4 : postgresql-8.4.20-8.0.1.AXS4 (AXSA:2021-1754:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1754:02 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

MiracleLinux 9 : iperf3-3.9-13.el9 (AXSA:2024-9259:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9259:02 advisory. iperf3: possible denial of service CVE-2023-7250,ESNET-SECADV-2023-0002 iperf3: vulnerable to marvin attack if the authentication option is used...

MiracleLinux 9 : poppler-21.01.0-14.el9 (AXSA:2023-5617:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5617:02 advisory. poppler: integer overflow in JBIG2 decoder using malformed files CVE-2022-38784 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : java-11-openjdk-11.0.16.0.8-1.el9 (AXSA:2022-4017:16)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4017:16 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 7 : nbdkit-1.8.0-3.el7 (AXSA:2020-4543:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4543:01 advisory. nbdkit: denial of service due to premature opening of back-end connection CVE-2019-14850 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : container-tools:4.0 (AXSA:2022-4429:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4429:01 advisory. cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 runc...

MiracleLinux 9 : grafana-pcp-5.1.1-2.el9.ML.1 (AXSA:2024-7799:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7799:03 advisory. grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Tenable has extracted the preceding description...

MiracleLinux 8 : libcap-2.48-5.el8 (AXSA:2023-6325:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6325:01 advisory. libcap: Integer Overflow in libcapstrdup CVE-2023-2603 libcap: Memory Leak on pthreadcreate Error CVE-2023-2602 Tenable has extracted the preceding...

MiracleLinux 7 : nss-3.53.1-7.el7 (AXSA:2021-1732:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1732:03 advisory. nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 9 : webkit2gtk3-2.36.7-1.el9.1 (AXSA:2023-5048:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5048:03 advisory. webkitgtk: processing maliciously crafted web content may lead to an arbitrary code execution CVE-2022-42856 Tenable has extracted the preceding description...

MiracleLinux 9 : thunderbird-102.10.0-2.el9.ML.1 (AXSA:2023-5301:15)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5301:15 advisory. Thunderbird: Revocation status of S/Mime recipient certificates was not checked CVE-2023-0547 Mozilla: Matrix SDK bundled with Thunderbird vulnerabl...

MiracleLinux 8 : unzip-6.0-43.el8 (AXSA:2020-297:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-297:02 advisory. unzip: overlapping of files in ZIP container leads to denial of service CVE-2019-13232 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : poppler-21.01.0-13.el9 (AXSA:2023-4965:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4965:01 advisory. poppler: A logic error in the Hints::Hints function can cause denial of service CVE-2022-27337 Tenable has extracted the preceding description block directly...

MiracleLinux 7 : pcp-4.3.2-12.el7 (AXSA:2020-703:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-703:06 advisory. pcp: Local privilege escalation in pcp spec file %post section CVE-2019-3695 A Improper Control of Generation of Code vulnerability in the packaging ...

MiracleLinux 8 : httpd:2.4 httpd-2.4.37-51.module+el8+1598+5e93bbc9.5.ML.1, mod_http2-1.15.7-5.module+el8+1598+5e93bbc9.4, mod_md-2.0.8-8.module+el8+1598+5e93bbc9 (AXSA:2023-5275:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5275:01 advisory. httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 8 : nghttp2-1.33.0-6.el8_10.1 (AXSA:2024-8517:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8517:02 advisory. nghttp2: CONTINUATION frames DoS CVE-2024-28182 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...