The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10814 advisory.

    The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of     arbitrary JavaBeans.

    Security Fix(es):

    * commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's     declaredClass property by default (CVE-2025-48734)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10796 advisory.

    The libblockdev packages provide a C library with GObject introspection support used for low-level     operations on block devices. The library serves as a thin wrapper around plug-ins for specific     functionality, such as LVM, Btrfs, LUKS, or MD RAID.

    Security Fix(es):

    * libblockdev: LPE from allow_active to root in libblockdev via udisks (CVE-2025-6019)

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References     section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10779 advisory.

    The sudo packages contain the sudo utility which allows system administrators to provide certain users     with the permission to execute privileged commands, which are used for system management purposes, without     having to log in as root.

    Security Fix(es):

    * sudo: LPE via host option (CVE-2025-32462)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10780 advisory.

    GLib provides the core application building blocks for libraries and applications written in C. It     provides the core object system used in GNOME, the main loop implementation, and a large set of utility     functions for strings and common data structures.

    Security Fix(es):

    * glib2: Signal subscription vulnerabilities (CVE-2024-34397)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10761 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

    * kernel: net: atlantic: fix aq_vec index out of range error (CVE-2022-50066)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10271 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.78. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2025:10270

    Security Fix(es):

    * net/http: Request smuggling due to acceptance of invalid chunked data in     net/http (CVE-2025-22871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.12 users are advised to upgrade to these     updated packages and images when they are available in the appropriate release channel. To check for     available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are     available at     https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-     single/updating_clusters/index#updating-cluster-within-minor.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10742 advisory.

    GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment.

    Security Fix(es):

    * gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs (CVE-2025-5024)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10707 advisory.

    The sudo packages contain the sudo utility which allows system administrators to provide certain users     with the permission to execute privileged commands, which are used for system management purposes, without     having to log in as root.

    Security Fix(es):

    * sudo: LPE via host option (CVE-2025-32462)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10701 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)

    * kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)

    * kernel: wifi: rt2x00: restart beacon queue when hardware reset (CVE-2023-52595)

    * kernel: HID: i2c-hid-of: fix NULL-deref on failed power up (CVE-2024-26717)

    * kernel: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute     group (CVE-2024-35790)

    * kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)

    * kernel: usb: typec: ucsi: Limit read size on v1.2 (CVE-2024-35924)

    * kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)

    * kernel: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (CVE-2023-52781)

    * kernel: atl1c: Work around the DMA RX overflow issue (CVE-2023-52834)

    * kernel: pinctrl: core: delete incorrect free in pinctrl_enable() (CVE-2024-36940)

    * kernel: drm/amdgpu: add error handle to avoid out-of-bounds (CVE-2024-39471)

    * kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)

    * kernel: usb: atm: cxacru: fix endpoint checking in cxacru_bind() (CVE-2024-41097)

    * kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)

    * kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)

    * kernel: xsk: fix OOB map writes when deleting elements (CVE-2024-56614)

    * kernel: md: fix mddev uaf while iterating all_mddevs list (CVE-2025-22126)

    * kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10698 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)

    * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)

    * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10699 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)

    * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)

    * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10295 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.17.35. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2025:10294

    Security Fix(es):

    * podman: podman missing TLS verification (CVE-2025-6032)
    * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.17 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-     single/updating_clusters/index#updating-cluster-cli.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10670 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: Bluetooth: Fix use after free in hci_send_acl (CVE-2022-49111)

    * kernel: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set (CVE-2022-49136)

    * kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10675 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (CVE-2023-1652)

    * kernel: ext4: ignore xattrs past end (CVE-2025-37738)

    * kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

    * kernel: net: atlantic: fix aq_vec index out of range error (CVE-2022-50066)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10672 advisory.

    Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

    Security Fix(es):

    * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10669 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Bluetooth: Fix use after free in hci_send_acl (CVE-2022-49111)

    * kernel: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set (CVE-2022-49136)

    * kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10676 advisory.

    The golang packages provide the Go programming language compiler.

    Security Fix(es):

    * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10291 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.19.3. See the following     advisory for the container images for this release:

    https://access.redhat.com/errata/RHBA-2025:10290

    Security Fix(es):

    * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-     single/updating_clusters/index#updating-cluster-cli.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10668 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * podman: podman missing TLS verification (CVE-2025-6032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10673 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Bluetooth: Fix use after free in hci_send_acl (CVE-2022-49111)

    * kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

    * kernel: net: atlantic: fix aq_vec index out of range error (CVE-2022-50066)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10630 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)

    * libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795)

    * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)

    * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10671 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (CVE-2023-1652)

    * kernel: ext4: ignore xattrs past end (CVE-2025-37738)

    * kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

    * kernel: net: atlantic: fix aq_vec index out of range error (CVE-2022-50066)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10674 advisory.

    This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the     code of a running kernel.  This patch module is targeted for kernel-5.14.0-570.17.1.el9_6.

    Security Fix(es):

    * kernel: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (CVE-2025-37799)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10677 advisory.

    The golang packages provide the Go programming language compiler.

    Security Fix(es):

    * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10646 advisory.

    The socat utility establishes bi-directional byte streams and transfers data between them. The utility can     establish streams between a large set of channels, such as files, pipes, devices, and sockets.

    Security Fix(es):

    * socat: arbitrary file overwrite via predictable /tmp directory (CVE-2024-54661)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10618 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10635 advisory.

    GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment.

    Security Fix(es):

    * gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs (CVE-2025-5024)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10619 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10622 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10615 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10620 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10613 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10616 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10602 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)

    * cpython: python: Bypass extraction filter to modify file metadata outside extraction directory     (CVE-2024-12718)

    * cpython: python: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)

    * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)

    * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction     directory (CVE-2025-4138)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10631 advisory.

    GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment.

    Security Fix(es):

    * gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs (CVE-2025-5024)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10621 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10585 advisory.

    jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it     to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar     applications allow you to manipulate text.

    Security Fix(es):

    * jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)

    * jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10551 advisory.

    The container-tools module contains tools for working with containers, notably podman, buildah, skopeo,     and runc.

    Security Fix(es):

    * podman: podman missing TLS verification (CVE-2025-6032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10536 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: bpf: fix OOB devmap writes when deleting elements (CVE-2024-56615)

    * kernel: xsk: fix OOB map writes when deleting elements (CVE-2024-56614)

    * kernel: md: fix mddev uaf while iterating all_mddevs list (CVE-2025-22126)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10547 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: bpf: fix OOB devmap writes when deleting elements (CVE-2024-56615)

    * kernel: xsk: fix OOB map writes when deleting elements (CVE-2024-56614)

    * kernel: md: fix mddev uaf while iterating all_mddevs list (CVE-2025-22126)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10548 advisory.

    Commons VFS provides a single API for accessing various different file systems. It presents a uniform view     of the files from various different sources, such as the files on local disk, on an HTTP server, or inside     a Zip archive. Some of the features of Commons VFS are:
    * A single consistent API for accessing files of different      types.
    * Support for numerous file system types.
    * Caching of file information. Caches information in-JVM,      and optionally can cache remote file information on the      local file system.
    * Event delivery.
    * Support for logical file systems made up of files from      various different file systems.
    * Utilities for integrating Commons VFS into applications,      such as a VFS-aware ClassLoader and URLStreamHandlerFactory.
    * A set of VFS-enabled Ant tasks.

    Security Fix(es):

    * apache-commons-vfs: Apache Commons VFS: Possible path traversal issue when using NameScope.DESCENDENT     (CVE-2025-27553)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10541 advisory.

    The rsync utility enables the users to copy and synchronize files locally or across a network.
    Synchronization with rsync is fast because rsync only sends the differences in files over the network     instead of sending whole files. The rsync utility is also used as a mirroring tool.

    Security Fix(es):

    * zlib: Out-of-bounds pointer arithmetic in inftrees.c (CVE-2016-9840)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10550 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * podman: podman missing TLS verification (CVE-2025-6032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10544 advisory.

    The socat utility establishes bi-directional byte streams and transfers data between them. The utility can     establish streams between a large set of channels, such as files, pipes, devices, and sockets.

    Security Fix(es):

    * socat: arbitrary file overwrite via predictable /tmp directory (CVE-2024-54661)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10549 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * podman: podman missing TLS verification (CVE-2025-6032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10518 advisory.

    The sudo packages contain the sudo utility which allows system administrators to provide certain users     with the permission to execute privileged commands, which are used for system management purposes, without     having to log in as root.

    Security Fix(es):

    * sudo: LPE via host option (CVE-2025-32462)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10484 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)

    * cpython: python: Bypass extraction filter to modify file metadata outside extraction directory     (CVE-2024-12718)

    * cpython: python: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)

    * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)

    * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction     directory (CVE-2025-4138)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10520 advisory.

    The sudo packages contain the sudo utility which allows system administrators to provide certain users     with the permission to execute privileged commands, which are used for system management purposes, without     having to log in as root.

    Security Fix(es):

    * sudo: LPE via host option (CVE-2025-32462)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10527 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: um: Fix out-of-bounds read in LDT setup (CVE-2022-49395)

    * kernel: Squashfs: fix handling and sanity checking of xattr_ids count (CVE-2023-52933)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10399 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)

    * cpython: python: Bypass extraction filter to modify file metadata outside extraction directory     (CVE-2024-12718)

    * cpython: python: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)

    * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)

    * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction     directory (CVE-2025-4138)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Severity
241715	RHEL 7 : apache-commons-beanutils (RHSA-2025:10814)	high
241703	RHEL 7 : libblockdev (RHSA-2025:10796)	high
241702	RHEL 9 : sudo (RHSA-2025:10779)	low
241701	RHEL 9 : glib2 (RHSA-2025:10780)	medium
241685	RHEL 8 : kernel (RHSA-2025:10761)	high
241684	RHEL 8 : OpenShift Container Platform 4.12.78 (RHSA-2025:10271)	critical
241669	RHEL 8 : gnome-remote-desktop (RHSA-2025:10742)	high
241661	RHEL 9 : sudo (RHSA-2025:10707)	low
241660	RHEL 9 : kernel (RHSA-2025:10701)	high
241659	RHEL 8 : libxml2 (RHSA-2025:10698)	critical
241658	RHEL 9 : libxml2 (RHSA-2025:10699)	critical
241627	RHEL 8 / 9 : OpenShift Container Platform 4.17.35 (RHSA-2025:10295)	critical
241616	RHEL 8 : kernel-rt (RHSA-2025:10670)	high
241615	RHEL 9 : kernel-rt (RHSA-2025:10675)	high
241614	RHEL 8 : go-toolset:rhel8 (RHSA-2025:10672)	medium
241613	RHEL 8 : kernel (RHSA-2025:10669)	high
241612	RHEL 9 : golang (RHSA-2025:10676)	medium
241611	RHEL 9 : OpenShift Container Platform 4.19.3 (RHSA-2025:10291)	critical
241610	RHEL 9 : podman (RHSA-2025:10668)	high
241601	RHEL 8 : kernel (RHSA-2025:10673)	high
241600	RHEL 10 : libxml2 (RHSA-2025:10630)	critical
241599	RHEL 9 : kernel (RHSA-2025:10671)	high
241598	RHEL 9 : kpatch-patch-5_14_0-570_17_1 (RHSA-2025:10674)	high
241597	RHEL 10 : golang (RHSA-2025:10677)	medium
241588	RHEL 9 : socat (RHSA-2025:10646)	critical
241573	RHEL 8 : jq (RHSA-2025:10618)	high
241572	RHEL 10 : gnome-remote-desktop (RHSA-2025:10635)	high
241569	RHEL 8 : jq (RHSA-2025:10619)	high
241568	RHEL 8 : jq (RHSA-2025:10622)	high
241566	RHEL 9 : jq (RHSA-2025:10615)	high
241565	RHEL 8 : jq (RHSA-2025:10620)	high
241539	RHEL 9 : jq (RHSA-2025:10613)	high
241538	RHEL 9 : jq (RHSA-2025:10616)	high
241537	RHEL 8 : python3 (RHSA-2025:10602)	critical
241528	RHEL 9 : gnome-remote-desktop (RHSA-2025:10631)	high
241527	RHEL 8 : jq (RHSA-2025:10621)	high
241526	RHEL 9 : jq (RHSA-2025:10585)	high
241505	RHEL 8 : container-tools:rhel8 (RHSA-2025:10551)	high
241504	RHEL 9 : kernel-rt (RHSA-2025:10536)	high
241503	RHEL 9 : kernel (RHSA-2025:10547)	high
241502	RHEL 7 : apache-commons-vfs (RHSA-2025:10548)	high
241501	RHEL 8 : rsync (RHSA-2025:10541)	high
241500	RHEL 9 : podman (RHSA-2025:10550)	high
241499	RHEL 9 : socat (RHSA-2025:10544)	critical
241498	RHEL 10 : podman (RHSA-2025:10549)	high
241496	RHEL 8 : sudo (RHSA-2025:10518)	low
241495	RHEL 8 : python3 (RHSA-2025:10484)	critical
241487	RHEL 8 : sudo (RHSA-2025:10520)	low
241486	RHEL 9 : kernel-rt (RHSA-2025:10527)	high
241449	RHEL 9 : python3.9 (RHSA-2025:10399)	critical

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

high

high

low

medium

high

critical

high

low

high

critical

critical

critical

high

high

medium

high

medium

critical

high

high

critical

high

high

medium

critical

high

high

high

high

high

high

high

high

critical

high

high

high

high

high

high

high

high

high

critical

high

low

critical

low

high

critical