MiracleLinux 8 : xorg-x11-server-Xwayland-21.1.3-15.el8 (AXSA:2024-8302:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8302:02 advisory. xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 xorg-x11-server: out-of-bounds memory reads/writ...

MiracleLinux 8 : ruby:2.5 (AXSA:2022-3087:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3087:01 advisory. rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host...

MiracleLinux 7 : java-11-openjdk-11.0.22.0.7-1.el7 (AXSA:2024-7426:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7426:01 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 8 : dotnet3.1-3.1.423-1.el8.ML.1 (AXSA:2022-3850:11)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3850:11 advisory. dotnet: DenialOfService - ASP.NET Core MVC vulnerable to stack overflow via ModelStateDictionary recursion. CVE-2022-38013 Tenable has extracted the precedin...

MiracleLinux 8 : webkit2gtk3-2.38.5-1.el8.3.ML.1 (AXSA:2023-6171:13)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6171:13 advisory. WebKitGTK: Regression of CVE-2023-28205 fixes in the MIRACLE LINUX CVE-2023-2203 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : freerdp-2.1.1-2.el7 (AXSA:2020-625:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-625:05 advisory. freerdp: Out of bound read in cliprdrserverreceivecapabilities CVE-2020-11018 freerdp: Out of bound read/write in usb redirection channel...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8389:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8389:01 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of...

MiracleLinux 9 : keylime-agent-rust-0.1.0-1.el9, keylime-6.5.1-1.el9 (AXSA:2023-5102:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5102:01 advisory. keylime: exception handling and impedance match in tornadorequests CVE-2022-3500 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.292.b10-1.el7 (AXSA:2021-1701:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1701:06 advisory. OpenJDK: Incomplete enforcement of JAR signing disabled algorithms 8249906 CVE-2021-2163 Tenable has extracted the preceding description block directly from...

MiracleLinux 4 : log4j-1.2.14-6.4.0.1.AXS4 (AXSA:2021-2880:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2880:02 advisory. log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender CVE-2021-4104 Tenable has extracted the preceding description blo...

MiracleLinux 8 : python3-3.6.8-37.el8 (AXSA:2021-2061:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2061:02 advisory. python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 python: Unsafe use of eval on data retrieved via HTTP in the te...

MiracleLinux 7 : firefox-68.9.0-1.0.1.el7.AXS7 (AXSA:2020-124:13)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-124:13 advisory. Mozilla: Use-after-free in SharedWorkerService CVE-2020-12405 Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12406 Mozilla: Memory safe...

MiracleLinux 9 : skopeo-1.14.5-1.el9_4 (AXSA:2024-8757:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8757:04 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 Tenable has extracted the preceding description block...

MiracleLinux 8 : xz-5.2.4-4.el8 (AXSA:2022-3662:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3662:02 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : nginx:1.18 (AXSA:2021-2309:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2309:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...

MiracleLinux 7 : keycloak-httpd-client-install-0.8-1.el7 (AXSA:2019-4175:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4175:01 advisory. keycloak-httpd-client-install: unsafe /tmp log file in --log-file option in keycloakcli.py CVE-2017-15111 keycloak-httpd-client-install: unsafe use ...

MiracleLinux 9 : git-2.39.3-1.el9 (AXSA:2023-5963:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5963:09 advisory. git: by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled contents...

MiracleLinux 8 : edk2-20220126gitbb1bba3d77-13.el8_10.4 (AXSA:2024-9443:13)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9443:13 advisory. edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : libpq-13.11-1.el9 (AXSA:2023-6851:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6851:01 advisory. postgresql: Client memory disclosure when connecting with Kerberos to modified server CVE-2022-41862 Tenable has extracted the preceding description block...

MiracleLinux 8 : emacs-26.1-7.el8.1 (AXSA:2023-5311:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5311:01 advisory. emacs: command injection vulnerability in org-mode CVE-2023-28617 Tenable has extracted the preceding description block directly from the MiracleLinux securi...