API Security Blog

RHEL 7 : Red Hat OpenShift Service Mesh 1.0.10 Jaeger and Kiali (RHSA-2020:0972)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0972 advisory.

– kiali: ignoring JWT claim fields (CVE-2020-1762)

– npmjs-url-parse: Improper validation of protocol of the returned URL (CVE-2020-8124)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
