Oracle Linux 8 : python3.12 (ELSA-2025-14546)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14546 advisory. 3.12.11-2 - Security fix for CVE-2025-8194 Resolves: RHEL-106343 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVE-2024-51988 HTTP API's queue deletion endpoint does not verify that the user has a required permission

RabbitMQ is a feature rich, multi-protocol messaging and streaming broker. In affected versions queue deletion via the HTTP API was not verifying the configure permission of the user. Users who had all of the following: 1. Valid credentials, 2. Some permissions for the target virtual host & 3. HT...

CVE-2024-51988

CVE-2024-51988 affects RabbitMQ: queue deletion via the HTTP API could bypass the configure permission, allowing users with credentials, some vhost permissions, and HTTP API access to delete queues they should not. Affected versions include Open Source RabbitMQ up to 3.12.10 (fixed in 3.12.11) an...

mozilla-nss: Update 3.12.11 update (important)

This update updates mozilla nss to 3.12.11. It blacklists the lately compromised DigiNotar Certificate Authority...