MiracleLinux 9 : python3.9-3.9.18-3.el9_4.3 (AXSA:2024-8598:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8598:04 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2023-6215:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6215:01 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python-jinja2-2.10.1-5.el8_10 (AXSA:2024-8524:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8524:03 advisory. jinja2: accepts keys containing non-attribute characters CVE-2024-34064 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : resource-agents-4.1.1-98.el8 (AXSA:2021-2804:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2804:10 advisory. python-pygments: Infinite loop in SML lexer may lead to DoS CVE-2021-20270 python-pygments: ReDoS in multiple lexers CVE-2021-27291 Tenable has...

MiracleLinux 8 : python-jinja2-2.10.1-4.el8 (AXSA:2024-8289:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8289:02 advisory. jinja2: HTML attribute injection when passing user input as keys to xmlattr filter CVE-2024-22195 Tenable has extracted the preceding description block...

MiracleLinux 9 : python3.11-3.11.9-7.el9_5.2 (AXSA:2024-9495:34)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9495:34 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python27:2.7 (AXSA:2021-1555:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1555:01 advisory. python: infinite loop in the tarfile module via crafted TAR archive CVE-2019-20907 python-pip: directory traversal in downloadhttpurl function in...

MiracleLinux 8 : python3.11-3.11.10-1.el8_10 (AXSA:2024-8969:25)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8969:25 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 9 : python-setuptools-53.0.0-12.el9_4.1 (AXSA:2024-8685:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8685:02 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

MiracleLinux 8 : python-lxml-4.2.3-4.el8 (AXSA:2022-3370:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3370:01 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Tenable has extracted the preceding description block direct...

MiracleLinux 7 : python-pillow-2.0.0-25.gitd1c6db8.el7 (AXSA:2024-7532:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7532:02 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : python-pip-9.0.3-7.el7 (AXSA:2020-4518:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4518:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python-urllib3: CRLF injection...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.1 (AXSA:2024-8483:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8483:16 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : python3.11-3.11.7-1.el9.ML.1 (AXSA:2024-7974:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7974:03 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding...

MiracleLinux 9 : python-mako-1.1.4-6.el9 (AXSA:2023-5414:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5414:01 advisory. python-mako: REDoS in Lexer class CVE-2022-40023 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 8 : python27:2.7 (AXSA:2022-4445:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4445:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107. Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : python-pillow-2.0.0-21.gitd1c6db8.el7 (AXSA:2020-560:04)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-560:04 advisory. python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images CVE-2020-5313 Tenable has extracted the preceding description block directly fro...

MiracleLinux 8 : python-lxml-4.2.3-3.el8 (AXSA:2021-2726:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2726:02 advisory. python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 Tenable has extracted the preceding description block...

MiracleLinux 9 : python3.11-3.11.9-7.el9 (AXSA:2024-9265:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9265:28 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: cpython: Iterating over a malicious ZIP fil...

MiracleLinux 7 : python-2.7.5-88.0.1.el7.AXS7 (AXSA:2020-4713:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4713:15 advisory. python: Cookie domain check returns incorrect results CVE-2018-20852 python: email.utils.parseaddr wrongly parses email addresses CVE-2019-16056...