Oracle Linux 8 : libjpeg-turbo (ELSA-2025-7540)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7540 advisory. 1.5.3-14 - updated previous fix RHEL-87364 1.5.3-13 - fix CVE-2020-13790: heap-based buffer over-read in getrgbrow RHEL-87364 Tenable has extracted the precedin...

Oracle Linux 8 : yelp / and / yelp-xsl (ELSA-2025-7569)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7569 advisory. - Fix CVE-2025-3155 RHEL-85922 yelp-xsl Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 8 : .NET / 9.0 (ELSA-2025-7571)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7571 advisory. 9.0.106-1.0.1 - Add support for Oracle Linux 9.0.106-1 - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89451 9.0.105-2 - Update to .NET SDK...

kernel security update

4.18.0-553.52.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2025-3844)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3844 advisory. 1:1.8.0.442.b06-1.0.3 - Fixed CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698 Orabug: 37840723 Tenable has extracted the preceding description block...

Oracle Linux 9 : Unbreakable Enterprise kernel (ELSA-2025-20318)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20318 advisory. - selftest/x86/bugs: Add selftests for ITS Pawan Gupta Orabug: 37863725 CVE-2024-28956 - x86/its: Align RETs in BHB clear sequence to avoid thunking Pawan Gupt...

Oracle Linux 8 : python39:3.9 (ELSA-2025-4791)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4791 advisory. modwsgi 4.7.1-7.1 - Resolves: RHEL-87514 - CVE-2022-2255 python39:3.9/modwsgi: Trusted Proxy Headers Removing Bypass numpy python39 python3x-pip...

Oracle Linux 8 : thunderbird (ELSA-2025-4797)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-4797 advisory. 128.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file - Force use of gcc-toolset-13 due to clang dependency 128.10.0 - Add...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20323)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20323 advisory. - selftest/x86/bugs: Add selftests for ITS Pawan Gupta Orabug: 37863726 CVE-2024-28956 - x86/its: Align RETs in BHB clear sequence to avoid thunking Pawan...

Oracle Linux 9 : emacs (ELSA-2025-4787)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4787 advisory. 1:27.2-11.el95.2 - Fix arbitrary code execution via Lisp macro expansion RHEL-69395 Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20320)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20320 advisory. - x86/sev: Harden VC instruction emulation somewhat Borislav Petkov AMD Orabug: 37687865 CVE-2024-25743 CVE-2024-25742 - x86/entry: Do not allow...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20319)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20319 advisory. - net: mana: Fix TX CQE error handling Haiyang Zhang Orabug: 36983924 CVE-2023-52532 - net: core: reject skbcopyexpand for fraglist GSO skbs Felix...

Oracle Linux 8 : thunderbird (ELSA-2025-4649)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-4649 advisory. 128.9.2-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file - Force use of gcc-toolset-13 due to clang dependency 128.9.2 - Add...

Oracle Linux 9 : osbuild-composer (ELSA-2025-4669)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4669 advisory. 118.2-1.0.1 - jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 Tenable has extracted the preceding description block directly from...

Oracle Linux 9 : ruby (ELSA-2025-4487)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-4487 advisory. - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 Resolves: RHEL-86104 - Fix ReDoS in CGI::UtilescapeElement. CVE-2025-27220 Resolves:...

Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2025-4597)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4597 advisory. cjose modauthopenidc 2.4.9.4-8 - Resolves: RHEL-87759 - Empty POST causes crash with OIDCPreservePost Tenable has extracted the preceding description block...

Oracle Linux 8 : libtiff (ELSA-2025-4658)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4658 advisory. 4.0.9-34 - fix CVE-2017-17095: heap-based buffer overflow in pal2rgb RHEL-87363 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 9 : ruby:3.1 (ELSA-2025-4488)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-4488 advisory. ruby 3.1.7-146 - Upgrade to Ruby 3.1.7. Resolves: RHEL-55410 - Fix DoS vulnerability in REXML. CVE-2024-39908 Resolves: RHEL-86077 Tenable has extracte...

Oracle Linux 9 : 389-ds-base (ELSA-2025-4491)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4491 advisory. - Resolves: RHEL-83874 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service rhel-9.5.z Tenable has extracted the preceding descripti...

Oracle Linux 8 : firefox (ELSA-2025-4458)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-4458 advisory. 128.10.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - Force use of gcc-toolset-13 due to clang dependency 128.10.0 - Add...