MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8861:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8861:01 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions...

MiracleLinux 8 : kernel-4.18.0-477.21.1.el8_8 (AXSA:2023-6359:23)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6359:23 advisory. kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 kernel: tcindex: use-after-free vulnerabili...

MiracleLinux 8 : c-ares-1.13.0-6.el8.ML.1 (AXSA:2022-3337:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3337:02 advisory. c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : dotnet8.0-8.0.101-1.el8_9.ML.1 (AXSA:2024-7408:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7408:02 advisory. dotnet: Information Disclosure: MD.SqlClientMDS & System.data.SQLClient SDS CVE-2024-0056 dotnet: X509 Certificates - Validation Bypass across Azure...

MiracleLinux 8 : httpd:2.4 (AXSA:2022-3552:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3552:01 advisory. httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: modproxyuwsgi: out-of-bounds read via a crafted request...

MiracleLinux 9 : delve-1.21.2-2.el9, golang-1.21.9-2.el9 (AXSA:2024-7759:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7759:01 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.392.b08-3.el9.ML.1 (AXSA:2023-6541:22)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6541:22 advisory. OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate...

MiracleLinux 8 : openssh-8.0p1-10.el8 (AXSA:2021-2653:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2653:03 advisory. openssh: Observable discrepancy leading to an information leak in the algorithm negotiation CVE-2020-14145 Tenable has extracted the preceding description...

MiracleLinux 9 : libfastjson-0.99.9-5.el9 (AXSA:2023-6791:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6791:01 advisory. json-c, libfastjson: integer overflow and out-of-bounds write via a large JSON file CVE-2020-12762 Tenable has extracted the preceding description block...

MiracleLinux 7 : expat-2.1.0-14.el7 (AXSA:2022-3129:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3129:02 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in...

MiracleLinux 8 : postgresql:13 (AXSA:2023-5263:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5263:01 advisory. postgresql: Extension scripts replace objects not belonging to the extension. CVE-2022-2625 postgresql: Client memory disclosure when connecting wit...

MiracleLinux 9 : golang-1.20.12-4.el9_3 (AXSA:2024-7718:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7718:03 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 CVE-2023-45288 An attacker may cause an HTTP/2 endpoint to...

MiracleLinux 8 : java-11-openjdk-11.0.11.0.9-0.el8 (AXSA:2021-1704:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1704:08 advisory. OpenJDK: Incomplete enforcement of JAR signing disabled algorithms 8249906 CVE-2021-2163 Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : cups-1.6.3-43.el7 (AXSA:2020-4559:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4559:02 advisory. cups: Local privilege escalation to root due to insecure environment variable handling CVE-2018-4180 cups: Manipulation of cupsd.conf by a local...

MiracleLinux 9 : shadow-utils-4.9-8.el9 (AXSA:2023-6622:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6622:03 advisory. shadow-utils: possible password leak during passwd1 change CVE-2023-4641 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2023-7318:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7318:02 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...

MiracleLinux 9 : krb5-1.21.1-3.el9 (AXSA:2024-9086:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9086:08 advisory. krb5: Memory leak at /krb5/src/lib/rpc/pmaprmt.c CVE-2024-26458 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c CVE-2024-26461 krb5: Memor...

MiracleLinux 9 : cockpit-composer-41-1.el9, osbuild-composer-62.1-1.el9.ML.1, osbuild-65-1.el9.ML.1, weldr-client-35.5-4.el9 (AXSA:2023-5065:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5065:02 advisory. golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service CVE-2022-32189...

MiracleLinux 7 : firefox-78.7.0-2.0.1.el7.AXS7 (AXSA:2021-1373:04)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1373:04 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

MiracleLinux 7 : rh-ruby27-ruby-2.7.3-129.el7 (AXSA:2021-1769:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1769:01 advisory. ruby: Potential HTTP request smuggling in WEBrick CVE-2020-25613 ruby: XML round-trip vulnerability in REXML CVE-2021-28965 Tenable has extracted th...