AlmaLinux 9 : httpd (ALSA-2025:15023)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15023 advisory. httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible using TLS...

AlmaLinux 9 : podman (ALSA-2025:15900)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15900 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : firefox (ALSA-2025:16260)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16260 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...

AlmaLinux 9 : thunderbird (ALSA-2025:16156)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16156 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...

AlmaLinux 8 : thunderbird (ALSA-2025:16589)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16589 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...

AlmaLinux 9 : kernel (ALSA-2025:15740)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15740 advisory. kernel: ipv6: mcast: Delay put pmc-idev in mlddeldelrec CVE-2025-38550 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : kernel-rt (ALSA-2025:16373)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:16373 advisory. kernel: vsock: Fix transport TOCTOU CVE-2025-38461 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : kernel (ALSA-2025:15785)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15785 advisory. kernel: net: usb: smsc75xx: Limit packet length to skb-len CVE-2023-53125 kernel: net/sched: Always pass notifications when child class becomes empty...

AlmaLinux 9 : opentelemetry-collector (ALSA-2025:15887)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:15887 advisory. net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : python-cryptography (ALSA-2025:15874)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:15874 advisory. python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:15904)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15904 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : kernel (ALSA-2025:15429)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15429 advisory. kernel: udmabuf: fix a buf size overflow issue during udmabuf creation CVE-2025-37803 kernel: idpf: convert control queue mutex to a spinlock...

ALSA-2025:15887 Moderate: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

AlmaLinux 8 : kernel (ALSA-2025:15008)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15008 advisory. kernel: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction CVE-2025-38211 kernel: scsi: lpfc: Use memcpy for BIOS version CVE-2025-3833...

AlmaLinux 8 : kernel-rt (ALSA-2025:15472)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15472 advisory. kernel: bpf: Don't use tnumrange on array range checking for poke descriptors CVE-2022-49985 kernel: posix-cpu-timers: fix race between...

AlmaLinux 8 : pam (ALSA-2025:14557)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14557 advisory. linux-pam: Linux-pam directory Traversal CVE-2025-6020 Tenable has extracted the preceding description block directly from the AlmaLinux security advisor...

AlmaLinux 8 : httpd:2.4 (ALSA-2025:15123)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15123 advisory. httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible using TLS...

AlmaLinux 8 : python3.12 (ALSA-2025:14546)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14546 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : postgresql:12 (ALSA-2025:15115)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15115 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

AlmaLinux 9 : mod_http2 (ALSA-2025:14983)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:14983 advisory. httpd: modproxyhttp2: untrusted input from a client causes an assertion to fail in the Apache modproxyhttp2 module CVE-2025-49630 Tenable has extracted the...