ALSA-2025:23729 Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 For more details about the security issues, including the impact, a CVSS score,...

AlmaLinux 9 : keylime (ALSA-2025:23210)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23210 advisory. keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration CVE-2025-13609 Tenable has extracted the preceding description block directly...

AlmaLinux 9 : mysql:8.4 (ALSA-2025:23111)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23111 advisory. mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044 mysql: InnoDB...

AlmaLinux 9 : tomcat (ALSA-2025:23049)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23049 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via...

AlmaLinux 9 : grafana (ALSA-2025:23087)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23087 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : kernel (ALSA-2025:22395)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22395 advisory. kernel: ublk: make sure ubq-canceling is set when queue is frozen CVE-2025-22068 kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm...

AlmaLinux 10 : mysql8.4 (ALSA-2025:23008)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23008 advisory. mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044 mysql: InnoDB...

AlmaLinux 8 : tomcat (ALSA-2025:23048)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23048 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via...

AlmaLinux 9 : wireshark (ALSA-2025:23142)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23142 advisory. wireshark: Access of Uninitialized Pointer in Wireshark CVE-2025-13499 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : firefox (ALSA-2025:23128)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:23128 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

AlmaLinux 8 : luksmeta (ALSA-2025:23086)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23086 advisory. luksmeta: Data corruption when handling LUKS1 partitions with luksmeta CVE-2025-11568 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : mysql:8.0 (ALSA-2025:23134)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23134 advisory. mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044 mysql: InnoDB...

AlmaLinux 9 : mysql (ALSA-2025:23109)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23109 advisory. mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044 mysql: InnoDB...

AlmaLinux 10 : wireshark (ALSA-2025:23083)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23083 advisory. wireshark: Access of Uninitialized Pointer in Wireshark CVE-2025-13499 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 10 : grafana (ALSA-2025:23088)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23088 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : libsoup3 (ALSA-2025:23139)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23139 advisory. libsoup: Heap Use-After-Free in libsoup message queue handling during HTTP/2 read completion CVE-2025-12105 Tenable has extracted the preceding description block...

AlmaLinux 8 : mysql:8.4 (ALSA-2025:23137)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23137 advisory. mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044 mysql: InnoDB...

AlmaLinux 9 : firefox (ALSA-2025:23034)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23034 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

AlmaLinux 10 : kernel (ALSA-2025:22854)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22854 advisory. kernel: cifs: Fix oops due to uninitialised variable CVE-2025-38737 kernel: can: j1939: implement NETDEVUNREGISTER notification handler CVE-2025-39925...

AlmaLinux 8 : abrt (ALSA-2025:22760)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:22760 advisory. abrt: Command-injection in ABRT leading to local privilege escalation CVE-2025-12744 Tenable has extracted the preceding description block directly from the...