AlmaLinux 9 : ruby:3.3 (ALSA-2025:23063)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23063 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description bloc...

AlmaLinux 8 : python3.12 (ALSA-2026:0123)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0123 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 cpython: python: cpython: Quadratic algorith...

AlmaLinux 8 : ruby:3.3 (ALSA-2025:23062)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23062 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description bloc...

AlmaLinux 9 : httpd (ALSA-2025:23919)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23919 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInf...

AlmaLinux 9 : kernel (ALSA-2025:23241)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23241 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file...

AlmaLinux 10 : thunderbird (ALSA-2026:0025)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:0025 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

AlmaLinux 10 : ruby (ALSA-2025:23141)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23141 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description blo...

AlmaLinux 10 : kernel (ALSA-2025:23279)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23279 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process...

AlmaLinux 10 : tar (ALSA-2026:0002)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:0002 advisory. tar: Tar path traversal CVE-2025-45582 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has n...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:23543)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23543 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

AlmaLinux 9 : opentelemetry-collector (ALSA-2025:23729)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23729 advisory. github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 Tenable has extracted the preceding...

AlmaLinux 9 : thunderbird (ALSA-2025:23856)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:23856 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

AlmaLinux 8 : grafana (ALSA-2025:23948)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23948 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : libssh (ALSA-2025:23484)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23484 advisory. libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend CVE-2025-5987 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : tomcat9 (ALSA-2025:23052)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23052 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via...

AlmaLinux 9 : git-lfs (ALSA-2025:23744)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23744 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 10 : opentelemetry-collector (ALSA-2025:23664)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23664 advisory. github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 Tenable has extracted the preceding...

AlmaLinux 10 : binutils (ALSA-2025:23306)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23306 advisory. binutils: GNU Binutils Linker heap-based overflow CVE-2025-11082 binutils: GNU Binutils Linker heap-based overflow CVE-2025-11083 Tenable has extracted...

AlmaLinux 9 : binutils (ALSA-2025:23343)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23343 advisory. binutils: GNU Binutils Linker heap-based overflow CVE-2025-11083 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 10 : tomcat (ALSA-2025:23050)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23050 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service...