AlmaLinux 10 : binutils (ALSA-2025:23306)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23306 advisory. binutils: GNU Binutils Linker heap-based overflow CVE-2025-11082 binutils: GNU Binutils Linker heap-based overflow CVE-2025-11083 Tenable has extracted...

AlmaLinux 10 : tomcat9 (ALSA-2025:23052)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23052 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via...

AlmaLinux 9 : openssh (ALSA-2025:23480)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23480 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in ssh:// U...

AlmaLinux 10 : libssh (ALSA-2025:23484)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23484 advisory. libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend CVE-2025-5987 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : podman (ALSA-2025:23325)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23325 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : podman (ALSA-2025:23295)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23295 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : skopeo (ALSA-2025:23326)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23326 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : httpd (ALSA-2025:23932)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23932 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileIn...

AlmaLinux 9 : python3.12 (ALSA-2025:23323)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23323 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 Tenable has extracted the preceding description bloc...

AlmaLinux 10 : python3.12 (ALSA-2025:23940)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23940 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 Tenable has extracted the preceding description blo...

AlmaLinux 8 : binutils (ALSA-2025:23382)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23382 advisory. binutils: GNU Binutils Linker heap-based overflow CVE-2025-11083 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : git-lfs (ALSA-2025:23745)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23745 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 8 : curl (ALSA-2025:23383)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23383 advisory. curl: libcurl: Curl out of bounds read for cookie path CVE-2025-9086 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : openssh (ALSA-2025:23481)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23481 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in ssh:// U...

AlmaLinux 8 : webkit2gtk3 (ALSA-2025:23663)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23663 advisory. webkitgtk: webkitgtk: Use-after-free due to improper memory management CVE-2025-43529 webkitgtk: Processing maliciously crafted web content may lead to a...

AlmaLinux 8 : httpd:2.4 (ALSA-2025:23732)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23732 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...

ALSA-2025:23729 Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 For more details about the security issues, including the impact, a CVSS score,...

AlmaLinux 9 : tomcat (ALSA-2025:23049)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23049 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via...

AlmaLinux 9 : mysql:8.4 (ALSA-2025:23111)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23111 advisory. mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044 mysql: InnoDB...

AlmaLinux 9 : keylime (ALSA-2025:23210)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23210 advisory. keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration CVE-2025-13609 Tenable has extracted the preceding description block directly...