MiracleLinux 8 : git-lfs-3.2.0-2.el8 (AXSA:2023-5956:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5956:02 advisory. golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: regexp/syntax: limit memory used by...

MiracleLinux 9 : containernetworking-plugins-1.2.0-1.el9 (AXSA:2023-5584:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5584:01 advisory. golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 golang: crypto/tls: session...

MiracleLinux 9 : python3.11-3.11.2-2.el9.1 (AXSA:2023-6031:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6031:01 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : nodejs:18 (AXSA:2023-4944:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4944:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...

MiracleLinux 9 : emacs-27.2-8.el9 (AXSA:2023-5619:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5619:03 advisory. emacs: ctags local command execution vulnerability CVE-2022-45939 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 9 : nodejs-nodemon-2.0.20-2.el9, nodejs-16.18.1-3.el9 (AXSA:2023-5057:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5057:01 advisory. minimist: prototype pollution CVE-2021-44906 nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: HTTP Request Smuggling due t...

MiracleLinux 9 : redis-6.2.7-1.el9 (AXSA:2023-4604:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4604:01 advisory. redis: Code injection via Lua script execution environment CVE-2022-24735 redis: Malformed Lua script can crash Redis CVE-2022-24736 Tenable has...

MiracleLinux 9 : kernel-5.14.0-162.23.1.el9_1 (AXSA:2023-5296:12)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5296:12 advisory. kernel: FUSE filesystem low-privileged user privileges escalation CVE-2023-0386 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.392.b08-2.el7 (AXSA:2023-6510:18)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6510:18 advisory. OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path validation issue during client authentication 8309966...

MiracleLinux 8 : edk2-20220126gitbb1bba3d77-4.el8 (AXSA:2023-5950:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5950:03 advisory. openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA Decryption implementation CVE-2022-4304...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.382.b05-2.el8 (AXSA:2023-6261:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6261:16 advisory. OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 83044...

MiracleLinux 8 : cockpit-composer-41-1.el8, osbuild-composer-62-1.el8.ML.1, osbuild-65-1.el8.ML.2, weldr-client-35.5-4.el8 (AXSA:2023-4757:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4757:01 advisory. golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service CVE-2022-32189...

MiracleLinux 7 : git-1.8.3.1-24.el7 (AXSA:2023-5173:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5173:03 advisory. git: gitattributes parsing integer overflow CVE-2022-23521 git: Heap overflow in git archive, git log --format leading to RCE CVE-2022-41903 Tenable...

MiracleLinux 8 : nodejs:18 (AXSA:2023-5259:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5259:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 http-cache-semantics: Regular Expression Denial of Service ReDoS vulnerability...

MiracleLinux 8 : nodejs:14 nodejs-nodemon-2.0.20-2.module+el8+1579+35966ec0, nodejs-packaging-23-3.module+el8+1579+35966ec0, nodejs-14.21.1-2.module+el8+1579+35966ec0 (AXSA:2023-4653:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4653:01 advisory. minimist: prototype pollution CVE-2021-44906 node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-0235 nodejs-minimatch:...

MiracleLinux 9 : golang-1.19.10-1.el9, go-toolset-1.19.10-1.el9 (AXSA:2023-6174:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6174:04 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...

MiracleLinux 8 : kernel-4.18.0-477.21.1.el8_8 (AXSA:2023-6359:23)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6359:23 advisory. kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 kernel: tcindex: use-after-free vulnerabili...

MiracleLinux 9 : libksba-1.5.1-6.el9 (AXSA:2023-5053:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5053:03 advisory. libksba: integer overflow to code executiona CVE-2022-47629 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : firefox-102.4.0-1.el9.ML.1 (AXSA:2023-4980:05)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4980:05 advisory. Mozilla: Same-origin policy violation could have leaked cross-origin URLs CVE-2022-42927 Mozilla: Memory Corruption in JS Engine CVE-2022-42928...

MiracleLinux 9 : thunderbird-102.5.0-2.el9.ML.1 (AXSA:2023-5045:06)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5045:06 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...