MiracleLinux 8 : squid:4 (AXSA:2021-1405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1405:01 advisory. squid: Improper input validation in request allows for proxy manipulation CVE-2019-12520 squid: Off-by-one error in addStackElement allows for heap...

MiracleLinux 7 : squid-3.5.20-17.el7.10 (AXSA:2024-7673:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7673:03 advisory. squid: denial of service in HTTP header parser CVE-2024-25617 squid: denial of service in HTTP request parsing CVE-2023-50269 squid: Buffer over-rea...

MiracleLinux 7 : rh-nodejs12-nodejs-12.16.1-1.el7 (AXSA:2020-4480:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4480:02 advisory. nodejs: HTTP request smuggling using malformed Transfer-Encoding header CVE-2019-15605 nodejs: Remotely trigger an assertion on a TLS server with a...

MiracleLinux 4 : python-twisted-web-8.2.0-6.AXS4 (AXSA:2020-036:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-036:02 advisory. python-twisted: HTTP request smuggling when presented with two Content-Length headers CVE-2020-10108 Tenable has extracted the preceding description block...

MiracleLinux 8 : squid:4 Security update (AXSA:2020-790:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-790:01 advisory. squid: HTTP Request Smuggling could result in cache poisoning CVE-2020-15810 squid: HTTP Request Splitting could result in cache poisoning...

MiracleLinux 8 : nginx:1.16 (AXSA:2021-1530:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1530:01 advisory. nginx: HTTP request smuggling in configurations with URL redirect used as errorpage CVE-2019-20372 Tenable has extracted the preceding description block...

MiracleLinux 4 : squid-3.1.23-24.0.1.AXS4 (AXSA:2021-1658:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1658:02 advisory. squid: improper input validation may allow a trusted client to perform HTTP request smuggling CVE-2020-25097 Tenable has extracted the preceding description...

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.2 (AXSA:2022-3133:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3133:02 advisory. httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 CVEs: CVE-2022-22720 Tenable has extracted the...

MiracleLinux 8 : nodejs:20 (AXSA:2024-7740:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7740:01 advisory. c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to retrie...

MiracleLinux 8 : [security - high] nodejs:16 (AXSA:2022-3898:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3898:01 advisory. nodejs: weak randomness in WebCrypto keygen CVE-2022-35255 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields CVE-2022-35256...

MiracleLinux 9 : tomcat-9.0.62-37.el9_3.2 (AXSA:2024-7586:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7586:05 advisory. tomcat: HTTP request smuggling via malformed trailer headers CVE-2023-46589 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : nodejs:14 (AXSA:2022-3839:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3839:01 advisory. nodejs: DNS rebinding in --inspect via invalid IP addresses CVE-2022-32212 nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding...

MiracleLinux 7 : rh-nodejs12-nodejs-12.18.4-3.el7 (AXSA:2020-894:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-894:04 advisory. nodejs-dot-prop: prototype pollution CVE-2020-8116 nodejs: HTTP request smuggling due to CR-to-Hyphen conversion CVE-2020-8201 npm: Sensitive...

MiracleLinux 8 : varnish:6 (AXSA:2022-3053:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3053:01 advisory. varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : nodejs:14 (AXSA:2022-4368:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4368:01 advisory. nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection CVE-2021-4453...

MiracleLinux 7 : rh-nodejs14-nodejs-nodemon-2.0.19-1.el7, rh-nodejs14-nodejs-14.20.0-2.el7 (AXSA:2022-3813:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3813:02 advisory. nodejs: DNS rebinding in --inspect via invalid IP addresses CVE-2022-32212 nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding...

MiracleLinux 9 : nodejs:18 (AXSA:2024-8154:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8154:01 advisory. nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service...

MiracleLinux 8 : nodejs:18 (AXSA:2022-4480:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4480:01 advisory. nodejs: weak randomness in WebCrypto keygen CVE-2022-35255 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields CVE-2022-35256...

MiracleLinux 7 : httpd-2.4.6-97.5.0.1.el7.AXS7 (AXSA:2022-3128:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3128:02 advisory. httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 Tenable has extracted the preceding description...

MiracleLinux 8 : nodejs:12 (AXSA:2021-1495:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1495:01 advisory. nodejs-mixin-deep: prototype pollution in function mixin-deep CVE-2019-10746 nodejs-set-value: prototype pollution in function set-value...