RHCOS 4 : Red Hat build of MicroShift 4.16.63 (RHSA-2026:20436)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20436 advisory. - google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation...

[SECURITY] Fedora 43 Update: rust-coreos-installer-0.26.0-2.fc43

coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...

[SECURITY] Fedora 44 Update: rust-coreos-installer-0.26.0-2.fc44

coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...

RHCOS 4 : Red Hat build of MicroShift 4.19.32 (RHSA-2026:20322)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20322 advisory. - google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation...

Fedora 43 : rust-coreos-installer (2026-b242a3b068)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b242a3b068 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Fedora 44 : rust-coreos-installer (2026-eeb94c0e5e)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-eeb94c0e5e advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

RHCOS 4 : OpenShift Container Platform 4.18.42 (RHSA-2026:17446)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17446 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...

RHCOS 4 : Red Hat build of MicroShift 4.18.42 (RHSA-2026:18068)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18068 advisory. - google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation...

RHCOS 4 : OpenShift Container Platform 4.12.88 (RHSA-2026:12273)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:12273 advisory. - github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload CVE-2025-65637 Note that Nessus...

RHCOS 4 : OpenShift Container Platform 4.4.8 openshift (RHSA-2020:2448)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2448 advisory. - kubernetes: Server side request forgery SSRF in kube-controller-manager allows users to leak secret information CVE-2020-8555 Note that...

RHCOS 4 : OpenShift Container Platform 4.4.z jenkins-2-plugins (RHSA-2020:2737)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2737 advisory. - jenkins-script-security-plugin: sandbox protection bypass leads to execute arbitrary code in sandboxed scripts CVE-2019-16538 -...

RHCOS 4 : OpenShift Container Platform 4.2.36 python-psutil (RHSA-2020:2593)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2593 advisory. - python-psutil: Double free because of refcount mishandling CVE-2019-18874 Note that Nessus has not tested for this issue but has instead...

RHCOS 4 : OpenShift Container Platform 4.5.4 jenkins-2-plugins (RHSA-2020:3207)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3207 advisory. - jenkins-script-security-plugin: cross-site scripting vulnerability due to configure sandboxed scripts CVE-2020-2190 Note that Nessus has no...

RHCOS 4 : OpenShift Container Platform 4.1 openshift (RHSA-2019:3266)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3266 advisory. - kubernetes: kubectl cp allows for arbitrary file write via double symlinks CVE-2019-11251 Note that Nessus has not tested for this issue bu...

RHCOS 3 : OpenShift Container Platform 3.9 cri-o (RHSA-2019:3812)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:3812 advisory. - containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure...

RHCOS 4 : OpenShift Container Platform 4.2.36 cri-o (RHSA-2020:2776)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2776 advisory. - cri-o: infra container reparented to systemd following OOM Killer killing it's conmon CVE-2019-14891 Note that Nessus has not tested for th...

RHCOS 4 : OpenShift Container Platform 4.7.12 (RHSA-2021:1562)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:1562 advisory. - runc: vulnerable to symlink exchange attack CVE-2021-30465 Note that Nessus has not tested for this issue but has instead relied only on th...

RHCOS 3 : OpenShift Container Platform 3.10 mediawiki (RHSA-2019:3238)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3238 advisory. - mediawiki: $wgRateLimits rate limit / ping limiter entry for 'user' overrides that for 'newbie' CVE-2018-0503 - mediawiki:...

RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:0964)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0964 advisory. - openshift/jenkins-plugin: Deserialization in snakeyaml YAML objects allows for remote code execution CVE-2020-2167 Note that Nessus has not...

RHCOS 4 : OpenShift Container Platform 4.6.6 (RHSA-2020:5159)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5159 advisory. - golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs CVE-2020-16845 Note that Nessus has not tested...