MiracleLinux 8 : flatpak-builder-1.0.14-2.el8 (AXSA:2022-4428:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4428:01 advisory. flatpak: flatpak-builder --mirror-screenshots-url can access files outside the build directory CVE-2022-21682 Tenable has extracted the preceding description...

MiracleLinux 9 : NetworkManager-1.48.10-2.el9.ML.1 (AXSA:2024-9183:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9183:16 advisory. NetworkManager: Denial of Service CVE-2024-6501 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 4 : xterm-253-1.0.1.AXS4 (AXSA:2021-1537:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1537:02 advisory. xterm: crash when processing combining characters CVE-2021-27135 CVEs: CVE-2021-27135 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.342.b07-1.el7 (AXSA:2022-3599:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3599:06 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 7 : python3-3.6.8-21.el7 (AXSA:2023-6570:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6570:07 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : postgresql-jdbc-42.2.28-1.el9_3 (AXSA:2024-7626:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7626:01 advisory. PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE CVE-2024-1597 Tenable has extracted the preceding description block...

MiracleLinux 9 : webkit2gtk3-2.36.7-1.el9.2 (AXSA:2023-5160:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5160:05 advisory. webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution CVE-2023-23529 Tenable has extracted the preceding...

MiracleLinux 7 : python-2.7.5-94.0.4.el7.AXS7 (AXSA:2024-8942:49)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8942:49 advisory. CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value. CVEs: CVE-2024-7592 There is a LOW...

MiracleLinux 8 : openssl-1.1.1k-9.el8 (AXSA:2023-5236:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5236:03 advisory. openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA Decryption implementation CVE-2022-4304...

MiracleLinux 8 : kernel-4.18.0-305.7.1.el8_4 (AXSA:2021-2251:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2251:15 advisory. kernel: use-after-free in net/bluetooth/hcievent.c when destroying an hcichan CVE-2021-33034 kernel: security bypass in certs/blacklist.c and...

MiracleLinux 4 : firefox-68.9.0-1.0.1.AXS4 (AXSA:2020-118:12)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-118:12 advisory. Mozilla: Use-after-free in SharedWorkerService CVE-2020-12405 Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12406 Mozilla: Memory safe...

MiracleLinux 9 : python3.9-3.9.16-1.el9.1 (AXSA:2023-6033:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6033:03 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : ksh-20120801-253.el8 (AXSA:2020-169:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-169:04 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

MiracleLinux 8 : php:7.4 (AXSA:2022-3752:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3752:01 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 Tenable has extracted the preceding description block directly from...

MiracleLinux 4 : thunderbird-78.10.0-1.0.1.AXS4 (AXSA:2021-1718:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1718:08 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.191-2.6.15.4.0.1.el7.AXS7 (AXSA:2018-3274:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3274:03 advisory. OpenJDK: insufficient index validation in PatternSyntaxException getMessage Concurrency, 8199547 CVE-2018-2952 Tenable has extracted the preceding descriptio...

MiracleLinux 8 : dotnet5.0-5.0.204-1.el8.ML.1 (AXSA:2021-2306:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2306:07 advisory. dotnet: ASP.NET Core Client Disconnect Denial of Service CVE-2021-31957 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.362.b08-1.el7 (AXSA:2023-4855:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4855:02 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 8 : python3.11-urllib3-1.26.12-5.el8_10 (AXSA:2024-9461:05)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9461:05 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 Tenable has extracted the preceding descriptio...

MiracleLinux 9 : libguestfs-winsupport-9.2-1.el9 (AXSA:2023-5849:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5849:01 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfsgetattributevalue...