MiracleLinux 8 : curl-7.61.1-18.el8.1 (AXSA:2021-2446:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2446:04 advisory. curl: Content not matching hash in Metalink is not being discarded CVE-2021-22922 curl: Metalink download sends credentials CVE-2021-22923 curl: Bad...

MiracleLinux 7 : openssh-7.4p1-22.el7 (AXSA:2021-2564:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2564:02 advisory. openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured CVE-2021-41617 Tenable has extracted the preceding...

MiracleLinux 9 : poppler-21.01.0-21.el9 (AXSA:2024-9251:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9251:07 advisory. poppler: pdfinfo: crash in broken documents when using -dests parameter CVE-2024-6239 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : java-17-openjdk-17.0.7.0.7-1.el8 (AXSA:2023-5307:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5307:05 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 9 : tcpdump-4.99.0-9.el9 (AXSA:2024-8003:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8003:03 advisory. tcpslice: use-after-free in extractslice CVE-2021-41043 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 8 : firefox-91.12.0-2.el8.ML.1 (AXSA:2022-3753:20)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3753:20 advisory. Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 CVE-2022-2505 Mozilla: Directory indexes for bundled resources reflected URL parameters...

MiracleLinux 7 : firefox-68.8.0-1.0.1.el7.AXS7 (AXSA:2020-073:10)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-073:10 advisory. Mozilla: Use-after-free during worker shutdown CVE-2020-12387 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 CVE-2020-12395...

MiracleLinux 8 : aide-0.16-14.el8.1 (AXSA:2022-3054:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3054:01 advisory. aide: heap-based buffer overflow on outputs larger than B64BUF CVE-2021-45417 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : bind-9.11.4-26.P2.16.0.2.el7.AXS7 (AXSA:2024-8817:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8817:03 advisory. CVE-2024-1737: add a limit to the number of RRs in RRSets and RR types for single name CVE-2024-1975: remove support for SIG0 message verification F...

MiracleLinux 9 : thunderbird-91.10.0-1.el9.ML.1 (AXSA:2022-4019:18)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4019:18 advisory. Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-1834 Mozilla: Cross-Origin resource...

MiracleLinux 8 : libtiff-4.0.9-26.el8 (AXSA:2023-4774:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4774:01 advisory. LibTiff: DoS from Divide By Zero Error CVE-2022-2056, CVE-2022-2057, CVE-2022-2058 libtiff: Double free or corruption in rotateImage function at...

MiracleLinux 9 : mingw-glib2-2.70.1-2.el9 (AXSA:2023-5021:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5021:01 advisory. glib: gfilereplace with GFILECREATEREPLACEDESTINATION creates empty target for dangling symlink CVE-2021-28153 Tenable has extracted the preceding descriptio...

MiracleLinux 8 : thunderbird-102.13.0-2.el8.ML.1 (AXSA:2023-6238:20)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6238:20 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 8 : fetchmail-6.4.24-1.el8.ML.1 (AXSA:2022-3362:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3362:02 advisory. fetchmail: DoS or information disclosure when logging long messages CVE-2021-36386 fetchmail: STARTTLS session encryption bypassing CVE-2021-39272...

MiracleLinux 9 : libvirt-10.0.0-6.6.el9_4.ML.1 (AXSA:2024-8603:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8603:05 advisory. libvirt: stack use-after-free in virNetClientIOEventLoop CVE-2024-4418 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : runc-1.0.0-70.rc10.el7 (AXSA:2024-7506:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7506:02 advisory. runc: file descriptor leak CVE-2024-21626 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : thunderbird-128.3.0-1.el9_4.ML.1 (AXSA:2024-8890:22)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8890:22 advisory. thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox:...

MiracleLinux 9 : webkit2gtk3-2.38.5-1.el9 (AXSA:2023-5612:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5612:09 advisory. webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code...

MiracleLinux 8 : dotnet5.0-5.0.208-1.el8.ML.1 (AXSA:2021-2473:12)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2473:12 advisory. dotnet: System.DirectoryServices.Protocols.LdapConnection sends credentials in plaintext if TLS handshake fails CVE-2021-41355 Tenable has extracted the...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8950:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8950:01 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...