MiracleLinux 9 : firefox-102.8.0-2.el9.ML.1 (AXSA:2023-5134:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5134:09 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 8 : idm:client (AXSA:2021-2292:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2292:01 advisory. jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution CVE-2020-11023 Tenable has extracted the preceding...

MiracleLinux 8 : php:7.4 (AXSA:2024-9405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9405:01 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing...

MiracleLinux 8 : kernel-4.18.0-348.el8 (AXSA:2021-2785:26)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2785:26 advisory. kernel: out-of-bounds reads in pinctrl subsystem CVE-2020-0427 kernel: Improper input validation in some IntelR Ethernet E810 Adapter drivers...

MiracleLinux 8 : git-2.39.1-1.el8 (AXSA:2023-5936:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5936:07 advisory. git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree CVE-2022-24765 git: Bypass of safe.directory protections...

MiracleLinux 8 : thunderbird-78.8.0-1.0.1.el8 (AXSA:2021-1569:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1569:03 advisory. Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy...

MiracleLinux 7 : perl-5.16.3-299.el7 (AXSA:2021-1425:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1425:04 advisory. perl: heap-based buffer overflow in regular expression compiler leads to DoS CVE-2020-10543 perl: corruption of intermediate language state of...

MiracleLinux 8 : nss-3.53.1-17.0.1.el8 (AXSA:2021-1536:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1536:01 advisory. nss: Side channel attack on ECDSA signature generation CVE-2020-6829 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular...

MiracleLinux 8 : thunderbird-91.6.0-1.el8.ML.1 (AXSA:2022-3068:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3068:03 advisory. Mozilla: Extensions could have bypassed permission confirmation during update CVE-2022-22754 Mozilla: Memory safety bugs fixed in Firefox 97 and...

MiracleLinux 8 : libxml2-2.9.7-12.el8 (AXSA:2022-3108:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3108:01 advisory. libxml2: Use-after-free of ID and IDREF attributes CVE-2022-23308 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 8 : libxml2-2.9.7-13.el8.1 (AXSA:2022-3668:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3668:04 advisory. libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write CVE-2022-29824 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : idm:client (AXSA:2021-1594:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1594:01 advisory. js-jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

MiracleLinux 9 : buildah-1.29.1-1.el9 (AXSA:2023-5642:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5642:02 advisory. golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 golang: crypto/tls: session...

MiracleLinux 7 : firefox-78.7.0-2.0.1.el7.AXS7 (AXSA:2021-1373:04)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1373:04 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

MiracleLinux 4 : firefox-78.7.0-2.0.1.AXS4 (AXSA:2021-1360:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1360:03 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

MiracleLinux 8 : ruby:2.5 (AXSA:2022-3066:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3066:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 Tenable has extracted the preceding...

MiracleLinux 7 : nspr-4.25.0-2.el7, nss-softokn-3.53.1-6.el7, nss-3.53.1-3.0.1.el7.AXS7, nss-util-3.53.1-1.el7 (AXSA:2020-683:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-683:02 advisory. nss: Out-of-bounds read when importing curve25519 private key CVE-2019-11719 nss: Use-after-free in sftkFreeSession due to improper refcounting...

MiracleLinux 9 : cockpit-composer-45-1.el9, osbuild-composer-76-2.el9.ML.1, osbuild-81-1.el9.ML.1, weldr-client-35.9-1.el9 (AXSA:2023-5900:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5900:03 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

MiracleLinux 9 : galera-26.4.11-1.el9, mariadb-10.5.16-2.el9, mysql-selinux-1.0.5-1.el9 (AXSA:2022-4045:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4045:01 advisory. mariadb: MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used CVE-2021-46669...

MiracleLinux 8 : libxml2-2.9.7-15.el8 (AXSA:2022-4126:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4126:06 advisory. libxml2: Incorrect server side include parsing can lead to XSS CVE-2016-3709 Tenable has extracted the preceding description block directly from the...