MiracleLinux 9 : containernetworking-plugins-1.3.0-4.el9 (AXSA:2023-6651:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6651:02 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPA...

MiracleLinux 8 : glib2-2.56.4-159.el8, webkit2gtk3-2.36.7-1.el8.ML.1 (AXSA:2022-4319:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4319:01 advisory. webkitgtk: Use-after-free leading to arbitrary code execution CVE-2022-22624 webkitgtk: Use-after-free leading to arbitrary code execution...

MiracleLinux 8 : libreoffice-6.4.7.2-17.el8_10.ML.1 (AXSA:2024-8544:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8544:05 advisory. libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic CVE-2024-3044 Tenable has extracted the...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.242.b07-1.AXS4 (AXSA:2020-4437:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4437:02 advisory. OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS Security, 8229951 CVE-2020-2601 OpenJDK: Serialization filter changes via jdk.serialFilter...

MiracleLinux 8 : fapolicyd-1.1-6.el8 (AXSA:2022-3437:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3437:01 advisory. fapolicyd: fapolicyd wrongly prepares ld.so path CVE-2022-1117 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 4 : rpm-4.8.0-59.0.2.AXS4 (AXSA:2021-2775:09)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2775:09 advisory. rpm: Signature checks bypass via corrupted rpm package CVE-2021-20271 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : targetcli-2.1.53-1.el8 (AXSA:2020-1067:05)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-1067:05 advisory. targetcli: weak permissions for /etc/target and backup files CVE-2020-13867 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : podman-1.6.4-29.el7 (AXSA:2021-1611:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1611:02 advisory. podman: container users permissions are not respected in privileged containers CVE-2021-20188 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : trousers-0.3.15-1.el8 (AXSA:2021-1817:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1817:01 advisory. trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root CVE-2020-24331 trousers: tss user can be us...

MiracleLinux 8 : json-c-0.13.1-2.el8 (AXSA:2021-2645:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2645:02 advisory. json-c: integer overflow and out-of-bounds write via a large JSON file CVE-2020-12762 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : firefox-102.3.0-7.el9.ML.1 (AXSA:2022-4119:36)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4119:36 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : tomcat-9.0.62-37.el9_3.1 (AXSA:2024-7474:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7474:03 advisory. tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows...

MiracleLinux 9 : openssh-8.7p1-38.el9_4.4 (AXSA:2024-8554:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8554:06 advisory. openssh: Possible remote code execution due to a race condition in signal handling affecting MIRACLE LINUX 9 CVE-2024-6409 Tenable has extracted the precedin...

MiracleLinux 8 : curl-7.61.1-30.el8.2.ML.1 (AXSA:2023-6186:10)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6186:10 advisory. curl: FTP too eager connection reuse CVE-2023-27535 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 9 : grafana-10.2.6-17.el9_7 (AXSA:2025-11560:14)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11560:14 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : dotnet6.0-6.0.118-1.el8.ML.1 (AXSA:2023-6205:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6205:16 advisory. dotnet: .NET Kestrel: Denial of Service processing X509 Certificates CVE-2023-29331 dotnet: vulnerability exists in NuGet where a potential race...

MiracleLinux 8 : redis:6 (AXSA:2022-4434:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4434:01 advisory. redis: Code injection via Lua script execution environment CVE-2022-24735 redis: Malformed Lua script can crash Redis CVE-2022-24736 Tenable has...

MiracleLinux 9 : python3.11-3.11.9-7.el9 (AXSA:2024-9265:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9265:28 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: cpython: Iterating over a malicious ZIP fil...

MiracleLinux 9 : 389-ds-base-2.4.5-8.el9_4 (AXSA:2024-8282:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8282:06 advisory. 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request CVE-2024-3657 389-ds-base: Malformed userPassword may cause...

MiracleLinux 8 : python-lxml-4.2.3-3.el8 (AXSA:2021-2726:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2726:02 advisory. python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 Tenable has extracted the preceding description block...