Oracle Linux 10 : nodejs22 (ELSA-2025-7502)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7502 advisory. - Update c-ares with fix for CVE-2025-31498 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 10 : perl-FCGI (ELSA-2025-8636)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-8636 advisory. 1:0.82-13.1 - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters Tenable has extracted the preceding description block directly from the Oracl...

Oracle Linux 10 : tomcat (ELSA-2025-7497)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7497 advisory. - Resolves: RHEL-82925 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 - Resolves:...

Oracle Linux 10 : grafana (ELSA-2025-7892)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7892 advisory. - Resolves RHEL-89943: CVE-2025-4123 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 10 : krb5 (ELSA-2025-9418)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9418 advisory. - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88047 Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 10 : python-setuptools (ELSA-2025-9940)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9940 advisory. - Security fix for CVE-2025-47273 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 10 : ruby (ELSA-2025-8131)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8131 advisory. - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 Resolves:...

Oracle Linux 10 : grafana (ELSA-2025-8666)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8666 advisory. - Resolves RHEL-89943: CVE-2025-4123 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 10 : .NET / 8.0 (ELSA-2025-8814)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8814 advisory. 8.0.117-1.0.1 - Add support for Oracle Linux 8.0.117-1 - Update to .NET SDK 8.0.117 and Runtime 8.0.17 - Resolves: RHEL-94416 8.0.116-2 - Update to .NET SDK...

Oracle Linux 10 : iputils (ELSA-2025-9421)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9421 advisory. 20240905-2.1 - Fix CVE-2025-47268 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping RHEL-94582 Tenable has extracted the preceding...

kernel security update

5.14.0-570.24.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

osbuild-composer security update

101-4.0.1 - Rebuilt to fix: - CVE-2024-34156 - CVE-2024-1394 - RHEL-24303 - RHEL-57905 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size...

Oracle Linux 10 : yggdrasil (ELSA-2025-7592)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7592 advisory. 0.4.5-3 - Fix CVE-2025-3931 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 10 : perl (ELSA-2025-7500)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7500 advisory. 4:5.40.2-512.1 - 5.40.2 bump see - Resolves: RHEL-87186 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 10 : git (ELSA-2025-7482)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7482 advisory. 2.47.1-2 - add the option to sanitize sideband channel messages - Resolves: RHEL-74175 Tenable has extracted the preceding description block directly from the...

Oracle Linux 10 : mod_auth_openidc (ELSA-2025-7490)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-7490 advisory. 2.4.15-4.el100.1 - Fix CVE-2025-31492 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 10 : thunderbird (ELSA-2025-8608)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-8608 advisory. 128.11.0-1.0.1 - Add Oracle prefs 128.11.0-1 - Update to 128.11.0 128.10.1-1 - Update to 128.10.1 Tenable has extracted the preceding description bloc...

Oracle Linux 10 : kea (ELSA-2025-9178)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9178 advisory. - Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Oracle Linux 10 : gstreamer1-plugins-bad-free (ELSA-2025-8184)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8184 advisory. 1.24.11-2 - fix for CVE-2025-3887 Resolves: RHEL-93045 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Oracle Linux 10 : varnish (ELSA-2025-8550)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8550 advisory. 7.6.1-2.el100.1 - Resolves: RHEL-89691 - varnish: request smuggling attacks CVE-2025-47905 Tenable has extracted the preceding description block directly from...