MiracleLinux 8 : sqlite-3.26.0-17.el8 (AXSA:2023-4779:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4779:01 advisory. sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API CVE-2022-35737 Tenable has extracted the preceding description...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8540:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8540:01 advisory. golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped...

MiracleLinux 7 : python3-3.6.8-21.0.2.el7.AXS7 (AXSA:2024-8914:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8914:06 advisory. CVE-2024-6232: remove backtracking when parsing tarfile headers CVE-2024-7592: fix quadratic complexity in parsing -quoted cookie values with...

MiracleLinux 9 : containernetworking-plugins-1.5.1-2.el9 (AXSA:2024-9094:06)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9094:06 advisory. golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 net/http: Denial of service due to improper 100-continue handling in...

MiracleLinux 8 : dotnet7.0-7.0.119-1.el8.ML.1 (AXSA:2024-8381:11)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8381:11 advisory. dotnet: stack buffer overrun in Double Parse CVE-2024-30045 dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop...

MiracleLinux 9 : dotnet8.0-8.0.100-2.el9_3.ML.1 (AXSA:2024-7409:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7409:03 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

MiracleLinux 8 : thunderbird-115.3.1-1.el8.ML.1 (AXSA:2023-6497:29)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6497:29 advisory. firefox: use-after-free in workers CVE-2023-3600 Mozilla: Out-of-bounds write in PathOps CVE-2023-5169 Mozilla: Use-after-free in Ion Compiler...

MiracleLinux 8 : ppp-2.4.7-26.el8 (AXSA:2020-167:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-167:03 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from th...

MiracleLinux 7 : java-11-openjdk-11.0.23.0.9-2.el7 (AXSA:2024-7701:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7701:06 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

MiracleLinux 8 : nodejs:14 nodejs-nodemon-2.0.20-2.module+el8+1579+35966ec0, nodejs-packaging-23-3.module+el8+1579+35966ec0, nodejs-14.21.1-2.module+el8+1579+35966ec0 (AXSA:2023-4653:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4653:01 advisory. minimist: prototype pollution CVE-2021-44906 node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-0235 nodejs-minimatch:...

MiracleLinux 9 : golang-1.19.10-1.el9, go-toolset-1.19.10-1.el9 (AXSA:2023-6174:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6174:04 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...

MiracleLinux 8 : edk2-20190829git37eef91017ad-9.el8 (AXSA:2020-915:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-915:01 advisory. edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib CVE-2019-14563 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : postgresql:15 (AXSA:2023-6438:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6438:01 advisory. postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after...

MiracleLinux 8 : kernel-4.18.0-477.21.1.el8_8 (AXSA:2023-6359:23)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6359:23 advisory. kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 kernel: tcindex: use-after-free vulnerabili...

MiracleLinux 8 : edk2-20220126gitbb1bba3d77-6.el8_9.6.ML.1 (AXSA:2024-7572:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7572:03 advisory. edk2: Buffer overflow in the DHCPv6 client via a long Server ID option CVE-2023-45230 edk2: Buffer overflow when processing DNS Servers option in a...

MiracleLinux 9 : toolbox-0.0.99.5-5.el9 (AXSA:2024-9104:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9104:02 advisory. golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: html/templat...

MiracleLinux 7 : firefox-68.11.0-1.0.1.el7.AXS7 (AXSA:2020-256:17)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-256:17 advisory. chromium-browser: Use after free in ANGLE CVE-2020-6463 chromium-browser: Inappropriate implementation in WebRTC CVE-2020-6514 Mozilla: Potential lea...

MiracleLinux 7 : firefox-102.13.0-2.0.1.el7.AXS7 (AXSA:2023-6240:25)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6240:25 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 7 : kernel-3.10.0-1160.88.1.el7 (AXSA:2023-5218:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5218:08 advisory. kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 kernel: use-after-free related to leaf anonvma double reuse CVE-2022-42703...

MiracleLinux 8 : libpcap-1.9.1-4.el8 (AXSA:2021-1228:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1228:01 advisory. libpcap: Resource exhaustion during PHB header length validation CVE-2019-15165 Tenable has extracted the preceding description block directly from the...