MiracleLinux 8 : python38:3.8 (AXSA:2021-2388:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2388:01 advisory. PyYAML: incomplete fix for CVE-2020-1747 CVE-2020-14343 Modularity name: python38 Stream name: 3.8 Tenable has extracted the preceding description block...

MiracleLinux 8 : java-11-openjdk-11.0.14.0.9-2.el8 (AXSA:2022-3014:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3014:02 advisory. OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Incorrect reading of TIFF...

MiracleLinux 7 : kernel-3.10.0-1127.18.2.el7 (AXSA:2020-263:09)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-263:09 advisory. kernel: kernel: DAX hugepages not considered during mremap CVE-2020-10757 kernel: buffer overflow in mwifiexcmdappendvsietlv function in...

MiracleLinux 8 : bind-9.11.20-5.el8.1 (AXSA:2021-1540:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1540:03 advisory. bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation CVE-2020-8625 Tenable has extracted the preceding description...

MiracleLinux 9 : fwupd-1.8.10-2.el9.ML.1 (AXSA:2023-5696:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5696:02 advisory. fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 shim: 3rd party shim allow secure boot bypass CVE-2022-34301 shim: 3rd party...

MiracleLinux 8 : cpio-2.12-10.el8 (AXSA:2021-1794:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1794:01 advisory. cpio: improper input validation when writing tar header fields leads to unexpected tar generation CVE-2019-14866 Tenable has extracted the preceding...

MiracleLinux 9 : qemu-kvm-7.2.0-14.el9.5.ML.1 (AXSA:2023-6420:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6420:06 advisory. QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service CVE-2023-3354 Tenable has extracted the preceding...

MiracleLinux 9 : samba-4.16.4-101.el9 (AXSA:2023-4800:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4800:01 advisory. samba: server memory information leak via SMB1 CVE-2022-32742 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : python-pip-21.2.3-7.el9 (AXSA:2023-6874:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6874:01 advisory. python: tarfile module directory traversal CVE-2007-4559 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : sqlite-3.26.0-11.el8 (AXSA:2020-1005:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1005:03 advisory. sqlite: Use-after-free in window function leading to remote code execution CVE-2019-5018 sqlite: Division by zero in whereLoopAddBtreeIndex in...

MiracleLinux 8 : gnutls-3.6.14-8.el8, nettle-3.4.1-4.el8 (AXSA:2021-1688:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1688:01 advisory. nettle: Out of bounds memory access in signature verification CVE-2021-20305 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.392.b08-2.el7 (AXSA:2023-6510:18)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6510:18 advisory. OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path validation issue during client authentication 8309966...

MiracleLinux 9 : pcp-6.2.2-7.el9.ML.1 (AXSA:2024-9383:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9383:07 advisory. pcp: pmpost symlink attack allows escalating pcp to root user CVE-2024-45770 pcp: pmcd heap corruption through metric pmstore operations...

MiracleLinux 9 : webkit2gtk3-2.36.7-1.el9.3 (AXSA:2023-5308:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5308:07 advisory. WebKitGTK: use-after-free leads to arbitrary code execution CVE-2023-28205 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 9 : containernetworking-plugins-1.5.1-3.el9_5 (AXSA:2024-9487:07)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9487:07 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...

MiracleLinux 8 : pixman-0.38.4-3.el8_9 (AXSA:2024-7385:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7385:01 advisory. pixman: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write CVE-2022-44638 Tenable has extracted the preceding description block...

MiracleLinux 8 : osbuild-composer-100-1.el8.ML.1, osbuild-110-1.el8.ML.1 (AXSA:2024-8384:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8384:02 advisory. osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 Tenable has extracted the preceding description block...

MiracleLinux 8 : haproxy-1.8.27-5.el8_10.1 (AXSA:2024-8984:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8984:02 advisory. haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 Tenable has extracted the preceding description...

MiracleLinux 9 : python3.11-3.11.2-2.el9.1 (AXSA:2023-6031:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6031:01 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : mariadb:10.3 (AXSA:2021-1477:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1477:01 advisory. mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep CVE-2020-15180 mysql: InnoDB unspecified vulnerability CPU Oct...