AlmaLinux 9 : php:8.2 (ALSA-2025:7432)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7432 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decod...

AlmaLinux 9 : libblockdev (ALSA-2025:9327)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9327 advisory. libblockdev: LPE from allowactive to root in libblockdev via udisks CVE-2025-6019 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : python3.11 (ALSA-2025:7109)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7109 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : python3.12 (ALSA-2025:7107)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7107 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : libblockdev (ALSA-2025:9878)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9878 advisory. libblockdev: LPE from allowactive to root in libblockdev via udisks CVE-2025-6019 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : libvpx (ALSA-2025:9119)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9119 advisory. libvpx: Double-free in libvpx encoder CVE-2025-5283 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : pam (ALSA-2025:10027)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:10027 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 8 : kernel-rt (ALSA-2025:9581)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:9581 advisory. kernel: cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 kernel: security/keys: fix slab-out-of-bounds in keytaskpermission...

AlmaLinux 8 : python3.11 (ALSA-2025:10026)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10026 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

AlmaLinux 8 : python3.12 (ALSA-2025:10031)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10031 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

AlmaLinux 9 : python3.9 (ALSA-2025:10136)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10136 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

AlmaLinux 9 : kernel (ALSA-2025:9880)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9880 advisory. kernel: Squashfs: fix handling and sanity checking of xattrids count CVE-2023-52933 Tenable has extracted the preceding description block directly from the AlmaLin...

AlmaLinux 8 : sudo (ALSA-2025:10110)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:10110 advisory. sudo: LPE via host option CVE-2025-32462 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has...

AlmaLinux 8 : python3 (ALSA-2025:10128)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10128 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

AlmaLinux 8 : firefox (ALSA-2025:10074)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:10074 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...

AlmaLinux 8 : container-tools:4.0 (ALSA-2023:6938)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:6938 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handlin...

AlmaLinux 9 : firefox (ALSA-2025:10072)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10072 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...

AlmaLinux 9 : sudo (ALSA-2025:9978)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9978 advisory. sudo: LPE via host option CVE-2025-32462 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has...

AlmaLinux 8 : osbuild-composer (ALSA-2025:9844)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9844 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fro...

AlmaLinux 8 : perl-YAML-LibYAML (ALSA-2025:9329)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9329 advisory. yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 Tenable has extracted the preceding description block directly from the AlmaLinux securit...