AlmaLinux 8 : kernel (ALSA-2025:14438)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14438 advisory. kernel: udp: Fix memory accounting leak. CVE-2025-22058 kernel: i40e: fix MMIO write access to an invalid page in i40eclearhw CVE-2025-38200 Tenable has...

AlmaLinux 8 : kernel-rt (ALSA-2025:15009)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15009 advisory. kernel: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction CVE-2025-38211 kernel: tipc: Fix use-after-free in tipcconnclose...

AlmaLinux 9 : postgresql:15 (ALSA-2025:14862)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14862 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

AlmaLinux 9 : postgresql (ALSA-2025:14878)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14878 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

AlmaLinux 9 : postgresql:16 (ALSA-2025:14827)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14827 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

AlmaLinux 8 : python3.11 (ALSA-2025:14841)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14841 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : tomcat (ALSA-2025:14181)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14181 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...

AlmaLinux 8 : libarchive (ALSA-2025:14135)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14135 advisory. libarchive: Double free at archivereadformatrarseekdata in archivereadsupportformatrar.c CVE-2025-5914 Tenable has extracted the preceding description block...

AlmaLinux 9 : libarchive (ALSA-2025:14130)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14130 advisory. libarchive: Double free at archivereadformatrarseekdata in archivereadsupportformatrar.c CVE-2025-5914 Tenable has extracted the preceding description block...

AlmaLinux 8 : tomcat (ALSA-2025:14177)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14177 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...

AlmaLinux 8 : pki-deps:10.6 (ALSA-2025:14126)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14126 advisory. com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 Tenable has extracted the preceding description block directly...

Important: pki-deps:10.6 security update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 For more details about the security issues, including the impact, a CVSS...

CLSA-2025-1755618159 Update of rust

Bootstrap for ALmaLinux 9.2 ESU...

AlmaLinux 9 : xterm (ALSA-2025:14075)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14075 advisory. xterm: Buffer overflow in setsixel in graphicssixel.c CVE-2022-24130 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : kernel-rt (ALSA-2025:13961)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13961 advisory. kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: netsched: ets: Fix double list add in class with netem as child...

AlmaLinux 9 : golang (ALSA-2025:13935)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:13935 advisory. cmd/go: Go VCS Command Execution Vulnerability CVE-2025-4674 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 9 : kernel (ALSA-2025:13602)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13602 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux...

AlmaLinux 8 : webkit2gtk3 (ALSA-2025:13780)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13780 advisory. angle: insufficient input validation can cause undefined behavior CVE-2025-6558 webkitgtk: A download?s origin may be incorrectly associated CVE-2025-432...

AlmaLinux 9 : python3.11-setuptools (ALSA-2025:13578)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:13578 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and...

AlmaLinux 8 : thunderbird (ALSA-2025:13676)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:13676 advisory. firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox...