MiracleLinux 9 : openexr-3.1.1-2.el9.1 (AXSA:2024-9242:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9242:02 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...

PT-2025-48202

Name of the Vulnerable Software and Affected Versions node-forge versions 1.3.1 and below Description An uncontrolled recursion issue exists in node-forge, a native implementation of Transport Layer Security in JavaScript. The issue allows remote, unauthenticated attackers to create complex ASN.1...

rexml: DoS vulnerability in REXML

A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...