RHCOS 4 : OpenShift Container Platform 4.15.62 (RHSA-2026:4418)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4418 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - github.com/sirupsen/logrus:...

RHEL 9 : oci-seccomp-bpf-hook (RHSA-2026:11804)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:11804 advisory. OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.15.62 packages and security update

Red Hat OpenShift Container Platform release 4.15.62 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

RockyLinux 8 : container-tools:rhel8 (RLSA-2026:3428)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3428 advisory. golang: html/template: errors returned from MarshalJSON methods may break template escaping CVE-2024-24785 crypto/x509: golang: Denial of Service due to...

RHEL 8 : container-tools:rhel8 (RHSA-2026:3428)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3428 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang:...

RLSA-2026:3428 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: html/template: errors returned from MarshalJSON methods may break template escaping CVE-2024-24785 crypto/x509: golang: Denial of Service due to excessive...

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: html/template: errors returned from MarshalJSON methods may break template escaping CVE-2024-24785 crypto/x509: golang: Denial of Service due to excessive...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.21.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.18.32 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-65637)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65637 advisory. - A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer...

Important: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2025-087 (ALASECS-2025-087)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-087 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain...

AZL-71566 CVE-2025-65637 affecting package containerized-data-importer for versions less than 1.55.0-27

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

AZL-71543 CVE-2025-65637 affecting package kubernetes for versions less than 1.30.10-18

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

AZL-71473 CVE-2025-65637 affecting package umoci 0.4.7-13

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...