The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0972 advisory.

– kiali: ignoring JWT claim fields (CVE-2020-1762)

– npmjs-url-parse: Improper validation of protocol of the returned URL (CVE-2020-8124)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More