MiracleLinux 8 : systemd-239-68.el8.4 (AXSA:2023-5147:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5147:05 advisory. systemd: local information leak due to systemd-coredump not respecting fs.suiddumpable kernel setting CVE-2022-4415 Tenable has extracted the preceding...

MiracleLinux 8 : thunderbird-78.14.0-1.el8.ML.1 (AXSA:2021-2414:17)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2414:17 advisory. Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 CVE-2021-38493 Tenable has extracted the preceding description block...

MiracleLinux 9 : nodejs:18 (AXSA:2023-6295:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6295:01 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x5...

MiracleLinux 8 : nss-3.53.1-17.0.1.el8 (AXSA:2021-1536:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1536:01 advisory. nss: Side channel attack on ECDSA signature generation CVE-2020-6829 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular...

MiracleLinux 7 : mailman-2.1.15-30.el7.2 (AXSA:2021-2576:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2576:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 mailman: CSRF token bypass allows to perform CSRF...

MiracleLinux 8 : firefox-102.4.0-1.el8.ML.1 (AXSA:2022-3915:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3915:28 advisory. Mozilla: Same-origin policy violation could have leaked cross-origin URLs CVE-2022-42927 Mozilla: Memory Corruption in JS Engine CVE-2022-42928...

MiracleLinux 7 : pki-core-10.5.18-24.el7 (AXSA:2022-4313:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4313:05 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : fontforge-20200314-6.el8 (AXSA:2024-8552:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8552:01 advisory. fontforge: command injection via crafted filenames CVE-2024-25081 fontforge: command injection via crafted archives or compressed files CVE-2024-250...

MiracleLinux 8 : cups-2.2.6-40.el8 (AXSA:2021-2667:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2667:04 advisory. cups: access to uninitialized buffer in ipp.c CVE-2020-10001 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : sudo-1.8.29-6.el8.1 (AXSA:2021-1334:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1334:04 advisory. sudo: Heap buffer overflow in argument parsing CVE-2021-3156 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : grafana-pcp-5.1.1-2.el8_9.ML.1 (AXSA:2024-7661:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7661:02 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Bug Fixes: TRIAGE CVE-2024-1394 grafana-pcp:...

MiracleLinux 8 : e2fsprogs-1.45.4-3.el8 (AXSA:2020-302:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-302:02 advisory. e2fsprogs: crafted ext4 partition leads to out-of-bounds write CVE-2019-5094 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : libsolv-0.7.19-1.el8 (AXSA:2021-2736:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2736:04 advisory. libsolv: heap-based buffer overflow in testcaseread in src/testcase.c CVE-2021-3200 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : java-17-openjdk-17.0.9.0.9-2.el8 (AXSA:2023-6546:18)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6546:18 advisory. OpenJDK: memory corruption issue on x8664 with AVX-512 8317121 CVE-2023-22025 OpenJDK: certificate path validation issue during client authenticatio...

MiracleLinux 9 : qemu-kvm-6.2.0-11.el9.3 (AXSA:2022-4021:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4021:02 advisory. QEMU: virtio-net: map leaking on error during receive CVE-2022-26353 QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak...

MiracleLinux 8 : pki-core:10.6 (AXSA:2021-1628:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1628:01 advisory. pki-core: Unprivileged users can renew any certificate CVE-2021-20179 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : ctags-5.8-23.el8 (AXSA:2023-5722:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5722:01 advisory. ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 Tenable has extracted the preceding description block directly from t...

MiracleLinux 8 : python3.12-3.12.6-1.el8_10 (AXSA:2024-8970:09)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8970:09 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : sqlite-3.26.0-17.el8 (AXSA:2023-4779:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4779:01 advisory. sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API CVE-2022-35737 Tenable has extracted the preceding description...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8540:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8540:01 advisory. golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped...