RHEL 8 : pki-deps:10.6 (RHSA-2026:2724)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2724 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: tomcat: Apache...

RHEL 8 : pki-deps:10.6 (RHSA-2026:2726)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2726 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: tomcat: Apache...

MiracleLinux 8 : pki-core:10.6 (AXSA:2024-8557:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8557:01 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : pki-core:10.6 (AXSA:2021-2369:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2369:01 advisory. pki-server: Dogtag installer pkispawn logs admin credentials into a world-readable log file CVE-2021-3551 The PKI installer pkispawn logs admin credentials...

MiracleLinux 7 : pki-core-10.5.18-24.el7 (AXSA:2022-4313:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4313:05 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : pki-core:10.6 (AXSA:2021-1628:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1628:01 advisory. pki-core: Unprivileged users can renew any certificate CVE-2021-20179 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : pki-core:10.6 (AXSA:2020-931:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-931:01 advisory. jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-14540 jackson-databind: Serialization gadgets in...

MiracleLinux 9 : pki-core-11.0.6-2.el9.ML.1 (AXSA:2023-5106:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5106:02 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : pki-core:10.6 (AXSA:2022-4440:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4440:01 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : pki-core-11.5.0-2.el9_4.ML.1 (AXSA:2024-8488:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8488:02 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : pki-core:10.6 (AXSA:2024-8411:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8411:01 advisory. jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : jss-5.3.0-1.el9, ldapjdk-5.3.0-1.el9, pki-core-11.3.0-1.el9, tomcatjss-8.3.0-1.el9 (AXSA:2023-5762:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5762:01 advisory. pki-core: When using the caServerKeygenDirUserCert profile, user can get certificates for other UIDs by entering name in Subject field CVE-2022-2393 Tenable...

MiracleLinux 8 : pki-core:10.6 (AXSA:2022-3574:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3574:01 advisory. JSS: memory leak in TLS connection leads to OOM CVE-2021-4213 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : pki-core-10.5.18-23.el7 (AXSA:2022-3912:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3912:03 advisory. pki-core: When using the caServerKeygenDirUserCert profile, user can get certificates for other UIDs by entering name in Subject field CVE-2022-2393 Tenable...

MiracleLinux 7 : pki-core-10.5.18-32.el7 (AXSA:2024-8569:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8569:03 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : pki-core:10.6 (AXSA:2021-2287:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2287:01 advisory. resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class CVE-2020-1695 Tenable has extracted the preceding description block...

MiracleLinux 8 : pki-core:10.6 (AXSA:2021-1597:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1597:01 advisory. jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

MiracleLinux 4 : pki-core-9.0.3-30.AXS4 (AXSA:2013-181:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-181:01 advisory. Certificate System CS is an enterprise software system designed to manage enterprise Public Key Infrastructure PKI deployments. PKI Core contains fundamental...

MiracleLinux 7 : pki-core-10.5.1-13.1.el7 (AXSA:2018-3231:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3231:02 advisory. pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access CVE-2018-1080 Tenable has extracted the preceding...

MiracleLinux 4 : pki-core-9.0.3-43.AXS4 (AXSA:2015-401:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-401:01 advisory. ================================== || ABOUT CERTIFICATE SYSTEM || ================================== Certificate System CS is an enterprise software system...