AlmaLinux 9 : python-setuptools (ALSA-2025:10407)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:10407 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 Tenable has extracted the preceding description block directly from the AlmaLin...

AlmaLinux 8 : thunderbird (ALSA-2025:10246)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:10246 advisory. thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links CVE-2025-5986 Tenable has extracted the...

CLSA-2025-1751552694 Update of shim

Use both AlmaLinux and CloudLinux certs for checking images - Debrand to TuxCare - No SB support for aarch64 on TuxCare yet...

AlmaLinux 9 : xorg-x11-server (ALSA-2025:7163)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7163 advisory. xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 X.Org: Xwayland: Use-after-free of the root cursor...

AlmaLinux 9 : gnutls (ALSA-2025:7076)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7076 advisory. gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 Tenable has extracted the preceding description block directly...

AlmaLinux 9 : krb5 (ALSA-2025:7067)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7067 advisory. krb5: overflow when calculating ulog block size CVE-2025-24528 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 9 : keylime-agent-rust (ALSA-2025:7313)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:7313 advisory. rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : python-requests (ALSA-2025:7049)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7049 advisory. requests: subsequent requests to the same host ignore cert verification CVE-2024-35195 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : python3.11 (ALSA-2025:10148)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10148 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

AlmaLinux 9 : tigervnc (ALSA-2025:9306)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:9306 advisory. xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors CVE-2025-49175 xorg-x11-server-Xwayland:...

AlmaLinux 8 : .NET 9.0 (ALSA-2025:8815)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8815 advisory. dotnet: .NET Remote Code Vulnerability CVE-2025-30399 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note tha...

AlmaLinux 9 : gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server (ALSA-2025:7178)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7178 advisory. gstreamer: EXIF Metadata Parsing Integer Overflow CVE-2024-4453 gstreamer: AV1 Video Parsing Stack-based Buffer Overflow CVE-2024-0444 Tenable has extract...

AlmaLinux 9 : grafana (ALSA-2025:8682)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8682 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fro...

AlmaLinux 8 : varnish:6 (ALSA-2025:8336)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8336 advisory. varnish: request smuggling attacks CVE-2025-47905 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 9 : git-lfs (ALSA-2025:7256)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:7256 advisory. golang: crypto/tls: panic when processing post-handshake message on QUIC connections CVE-2023-39321 golang: crypto/tls: lack of a limit on buffered...

AlmaLinux 9 : rpm-ostree (ALSA-2025:7147)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7147 advisory. rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : perl-Module-ScanDeps (ALSA-2025:7350)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:7350 advisory. module-scandeps: local privilege escalation via unsanitized input CVE-2024-10224 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : php:8.3 (ALSA-2025:7418)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7418 advisory. php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header...

AlmaLinux 9 : openjpeg2 (ALSA-2025:7309)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7309 advisory. openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c CVE-2024-56827 Tenable has extract...

AlmaLinux 9 : libvpx (ALSA-2025:9118)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9118 advisory. libvpx: Double-free in libvpx encoder CVE-2025-5283 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...