The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21894 advisory.

    Red Hat Satellite is a system management solution that allows organizations to configure and maintain     their systems without the necessity to provide public Internet access to their servers or other client     systems. It performs provisioning and configuration management of predefined standard operating     environments.

    Security Fix(es):

    * GraphQL API permission bypass leads to information disclosure (CVE-2025-9572)

    Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE     page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21778 advisory.

    The golang packages provide the Go programming language compiler.

    Security Fix(es):

    * golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21779 advisory.

    The golang packages provide the Go programming language compiler.

    Security Fix(es):

    * golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21773 advisory.

    Expat is a C library for parsing XML documents.

    Security Fix(es):

    * expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small     document that is submitted for parsing (CVE-2025-59375)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21776 advisory.

    Expat is a C library for parsing XML documents.

    Security Fix(es):

    * expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small     document that is submitted for parsing (CVE-2025-59375)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21760 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: ALSA: usb-audio: Validate UAC3 power domain descriptors, too (CVE-2025-38729)

    * kernel: sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718)

    * kernel: NFS: Fix a race when updating an existing write (CVE-2025-39697)

    * kernel: ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702)

    * kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors (CVE-2025-39757)

    * kernel: x86/vmscape: Add conditional IBPB mitigation (CVE-2025-40300)

    * kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (CVE-2025-39817)

    * kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (CVE-2025-39849)

    * kernel: crypto: xts - Handle EBUSY correctly (CVE-2023-53494)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21768 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):

    * receptor: quic-go Crash Due to Premature HANDSHAKE_DONE Frame (CVE-2025-59530)
    * automation-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration (CVE-2025-9909)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Updates and fixes included:

    Automation Platform
    * Added fallback-authenticator feature, which allows users to configure fallback_authentication for     running custom logic in the event local authentication fails (AAP-56919)
    * Fixed a significant performance regression in response time for GET requests to /role_definitions/ and     related endpoints (AAP-56868)
    * Allows for Event-Driven Ansible to add CA Certificates in Gateway which can then used by Envoy to do     certificate based Auth for mTLS EventStreams (AAP-56770)
    * Users who existed in AAP 2.5 with controller legacy authentication, but never logged in are now marked     such that they will attempt authentication with controller in AAP 2.6 rather than being left in an     unusable state (AAP-56388)
    * Fixed an issue in which superuser status would sync from gateway to other components if set to True, but     not if set to False (AAP-56296)
    * Fixed column main_unifiedjobtemplate.org_unique does not exist migration error (AAP-56222)
    * Fixed using and condition with multiple attributes. Where previously the authentication map would skip     the missing attributes, with this fix the the map will be applied only if all attributes are present and     the condition(s) are met (AAP-53612)
    * Fixed an issue where platform auditors were not able Platform level settings (AAP-55608)
    * Fixed an issue where the Team input field on the authentication mapping form was not hidden when an     organization role was selected (AAP-55602)
    * Fixed an issue where the workflow visualizer CSS was displaying the incorrect height (AAP-55164)
    * Fix an Execution Environment deletion warning (AAP-55135)
    * Added login page at /login to bypass the LOGIN_REDIRECT_OVERRIDE setting when it is misconfigured     (AAP-53471)
    * Ansible Lightspeed section has been removed from the left navigation bar (AAP-53006)
    * Fixed an issue where filtering platform resources by special characters did not work as expected     (AAP-52360)
    * Fixed the Subscription Usage chart to always display at full height (AAP-52218)
    * Fixed an issue that was preventing users from viewing complete survey question choices that contained a     colon (AAP-50290)
    * The Domains filter is now visible within the Job Templates tab that shows up in a Project, Credential,     Inventory or EE (AAP-48031)
    * Added limit filtering to the jobs page (AAP-45218)
    * Fixed a form validation bug on the Login Redirect Override field in gateway settings (AAP-40517)
    * An information message is displayed in the Review step for creating an org (AAP-30179)
    * A warning message is added when a user tries to restart an activation in the 'workers offline' status     (AAP-24009)
    * Add the ca_certificates module and the enable_mtls attribute to route to ansible.platform collection     (AAP-48345)
    * automation-gateway has been updated to 2.6.20251119
    * automation-platform-ui has been updated to 2.6.3
    * python3.11-django-ansible-base has been updated to 2.6.20251119

    Automation controller
    * Fixed an issue in receptor where some edge cases caused JSON to fail to parse (AAP-58412)
    * Fixed an issue in ansible-runner where there was not a meaningful error message whenever the streaming     of logs was aborted (AAP-58390)
    * Migrating team mappers which do not include a users field is now supported (AAP-56395)
    * Receptor collection version has been updated to 2.0.6, which is compatible with ansible-core 2.19     (AAP-42617)
    * Fixed an issue where jobs failed on fapolicyd enabled systems where python 3.9 was not installed by     default (AAP-55790)
    * ansible-runner has been updated to 2.4.2
    * automation-controller has been updated to 4.7.5
    * automation-controller-fapolicyd has been updated to 1.0-5
    * receptor has been updated to 1.6.2

    Automation hub
    * Fixed an upgrade error (AttributeError or ValueError, content type mismatch) in the Hub Django 0054     migration that happens when upgrading if any role is assigned to a group globally before the migration     (AAP-58299)
    * automation-hub has been updated to 4.11.3
    * python3.11-galaxy-ng has been updated to 4.11.3

    Event-Driven Ansible
    * Added support for mTLS event streams (AAP-57375)
    * automation-eda-controller has been updated to 1.2.2

    Container-based Ansible Automation Platform
    * Added support for Azure provider for Lightspeed (AAP-58206)
    * Added support for OpenAI provider for Lightspeed (AAP-58197)
    * Event-stream mTLS configuration has been added for Event-Driven Ansible (AAP-57434)
    * Fixed a compatibility issue with PostgreSQL 17 when using an external database and admin credentials     (AAP-57431)
    * Fixed the chatbot response about the latest AAP version (AAP-57385)
    * containerized installer setup has been updated to 2.6-3

    RPM-based Ansible Automation Platform
    * Fixed an issue where the installer failed during execution environment image upload when there is no     automation hub node in inventory (AAP-56892)
    * Event-stream mTLS configuration has been added for Event-Driven Ansible (AAP-46070)
    * Gateway logs in /var/log/ansible-automation-platform/gateway have been refactored (AAP-30549)
    * ansible-automation-platform-installer and installer setup have been updated to 2.6-3

    Additional changes
    * Updated ansible-creator to use images from ansible-automation-platform-26 namespace by default
    * ansible-creator has been updated to 25.8.0-2

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21772 advisory.

    The libsoup packages provide an HTTP client and server library for GNOME.

    Security Fix(es):

    * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)

    * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21740 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)

    * bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21736 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21748 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV (CVE-2025-59088)

    * python-kdcproxy: Remote DoS via unbounded TCP upstream buffering (CVE-2025-59089)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21741 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)

    * bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21735 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21706 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):

    * receptor: quic-go Crash Due to Premature HANDSHAKE_DONE Frame (CVE-2025-59530)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Updates and fixes included:
    * Python has been updated to 3.11 (AAP-53469)
    * Nginx has been updated to 1.24 (AAP-53989 and AAP-53990)

    Refer to Release Notes for details about Python 3.11 update.

    Automation controller
    * Added support for Red Hat username and password for the subscription management API (AAP-56887)
    * Added a step in the subscription wizard that allows the user to configure automation analytics     (AAP-56061)
    * Added two new toggle options on the subscription wizard to allow for fetching subscriptions using basic     authentication (AAP-56060)
    * Fixed an issue in receptor where some edge cases caused JSON to fail to parse (AAP-55917)
    * Fixed an issue in ansible-runner where there was not a meaningful error message whenever the streaming     of logs was aborted
    * ansible-runner has been updated to 2.3.7
    * automation-controller has been updated to 4.5.27
    * receptor has been updated to 1.6.2

    Installer and setup
    * Set REDHAT_CANDLEPIN_VERIFY to correct CA pem so that controller can make requests to     subscription.rhsm.redhat.com (AAP-57020)
    * RHEL minimum version has been updated to 8.10 and 9.4 (AAP-56387)
    * installer and setup have been updated to 2.4-14

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21696 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)

    * rack: Rack's multipart parser buffers large non?file fields entirely in memory, enabling DoS (memory     exhaustion) (CVE-2025-61771)

    * rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion     (CVE-2025-61919)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21667 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: nfsd: don't ignore the return code of svc_proc_register() (CVE-2025-22026)

    * kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797)

    * kernel: net: usb: smsc75xx: Limit packet length to skb->len (CVE-2023-53125)

    * kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing (CVE-2022-50229)

    * kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 (CVE-2022-50228)

    * kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (CVE-2022-50087)

    * kernel: drm/amd/display: clear optc underflow before turn off odm clock (CVE-2022-49969)

    * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085)

    * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159)

    * kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200)

    * kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211)

    * kernel: scsi: lpfc: Use memcpy() for BIOS version (CVE-2025-38332)

    * kernel: drm/gem: Acquire references on GEM handles for framebuffers (CVE-2025-38449)

    * kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate (CVE-2025-38477)

    * kernel: do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498)

    * kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)

    * kernel: HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556)

    * kernel: tls: separate no-async decryption request handling from async (CVE-2024-58240)

    * kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)

    * kernel: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (CVE-2025-39751)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21666 advisory.

    The libsoup packages provide an HTTP client and server library for GNOME.

    Security Fix(es):

    * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)

    * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21691 advisory.

    The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based     applications.

    Security Fix(es):

    * haproxy: denial of service vulnerability in HAProxy mjson library (CVE-2025-11230)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21692 advisory.

    The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based     applications.

    Security Fix(es):

    * haproxy: denial of service vulnerability in HAProxy mjson library (CVE-2025-11230)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21665 advisory.

    The libsoup packages provide an HTTP client and server library for GNOME.

    Security Fix(es):

    * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)

    * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21702 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects     (CVE-2025-52881)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21694 advisory.

    The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based     applications.

    Security Fix(es):

    * haproxy: denial of service vulnerability in HAProxy mjson library (CVE-2025-11230)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21693 advisory.

    The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based     applications.

    Security Fix(es):

    * haproxy: denial of service vulnerability in HAProxy mjson library (CVE-2025-11230)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21657 advisory.

    The libsoup packages provide an HTTP client and server library for GNOME.

    Security Fix(es):

    * libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content (CVE-2025-2784)

    * libsoup: Denial of Service attack to websocket server (CVE-2025-32049)

    * libsoup: Out of bounds reads in soup_headers_parse_request() (CVE-2025-32906)

    * libsoup: Double free on  soup_message_headers_get_content_disposition() through  soup-message-     headers.c via params GHashTable value (CVE-2025-32911)

    * libsoup: NULL pointer dereference in  soup_message_headers_get_content_disposition when filename     parameter  is present, but has no value in Content-Disposition header (CVE-2025-32913)

    * libsoup: OOB Read on libsoup through function  soup_multipart_new_from_message in soup-multipart.c     leads to crash or  exit of process (CVE-2025-32914)

    * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)

    * libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup     (CVE-2025-4948)

    * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21664 advisory.

    The libsoup packages provide an HTTP client and server library for GNOME.

    Security Fix(es):

    * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)

    * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21655 advisory.

    The libsoup packages provide an HTTP client and server library for GNOME.

    Security Fix(es):

    * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)

    * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21656 advisory.

    The libsoup packages provide an HTTP client and server library for GNOME.

    Security Fix(es):

    * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)

    * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21634 advisory.

    The buildah package provides a tool for facilitating building OCI container images. Among other things,     buildah enables you to: Create a working container, either from scratch or using an image as a starting     point; Create an image, either from a working container or using the instructions in a Dockerfile; Build     both Docker and OCI images.

    Security Fix(es):

    * runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects     (CVE-2025-52881)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21633 advisory.

    The buildah package provides a tool for facilitating building OCI container images. Among other things,     buildah enables you to: Create a working container, either from scratch or using an image as a starting     point; Create an image, either from a working container or using the instructions in a Dockerfile; Build     both Docker and OCI images.

    Security Fix(es):

    * runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects     (CVE-2025-52881)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21563 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY     (CVE-2024-56690)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21628 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21562 advisory.

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)     protocols, as well as a full-strength general-purpose cryptography library.

    Security Fix(es):

    * openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21405 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21463 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: eventpoll: Fix semi-unbounded recursion (CVE-2025-38614)

    * kernel: wifi: cfg80211: fix use-after-free in cmp_bss() (CVE-2025-39864)

    * kernel: of_numa: fix uninitialized memory nodes causing kernel panic (CVE-2025-39903)

    * kernel: tls: make sure to abort the stream if headers are bogus (CVE-2025-39946)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21462 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21452 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21506 advisory.

    The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF)     files.

    Security Fix(es):

    * libtiff: Libtiff Write-What-Where (CVE-2025-9900)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21508 advisory.

    The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF)     files.

    Security Fix(es):

    * libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)

    * libtiff: Libtiff Write-What-Where (CVE-2025-9900)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21401 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21469 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (CVE-2025-38351)

    * kernel: do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498)

    * kernel: NFS: Fix a race when updating an existing write (CVE-2025-39697)

    * kernel: kernfs: Fix UAF in polling when open file is released (CVE-2025-39881)

    * kernel: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (CVE-2025-39982)

    * kernel: i40e: fix idx validation in config queues msg (CVE-2025-39971)

    * kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue (CVE-2025-39983)

    * kernel: io_uring/waitid: always prune wait queue entry in io_waitid_wait() (CVE-2025-40047)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21400 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21507 advisory.

    The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF)     files.

    Security Fix(es):

    * libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)

    * libtiff: Libtiff Write-What-Where (CVE-2025-9900)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21485 advisory.

    The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software     Development Kit.

    Security Fix(es):

    * JDK: Enhance Path Factories (CVE-2025-53066)

    * JDK: Enhance Certificate Handling (CVE-2025-53057)

    * JDK: Enhance String Handling (CVE-2025-61748)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Note that the OpenJDK 25 package does not yet include FIPS support. This is expected to be reinstated in a     future update.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21403 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21407 advisory.

    The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF)     files.

    Security Fix(es):

    * libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)

    * libtiff: LibTIFF Buffer Overflow (CVE-2025-8177)

    * libtiff: Libtiff Write-What-Where (CVE-2025-9900)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21397 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: vsock/virtio: Validate length in packet header before skb_put() (CVE-2025-39718)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21448 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV (CVE-2025-59088)

    * python-kdcproxy: Remote DoS via unbounded TCP upstream buffering (CVE-2025-59089)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21399 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21402 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21404 advisory.

    The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On     standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of     SAML-based federations and provides bindings for multiple languages.

    Security Fix(es):

    * lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
276451	RHEL 8 / 9 : Satellite 6.16.5.6 Async Update (Moderate) (RHSA-2025:21894)	medium
275826	RHEL 9 : golang (RHSA-2025:21778)	medium
275825	RHEL 10 : golang (RHSA-2025:21779)	medium
275814	RHEL 9 : expat (RHSA-2025:21773)	high
275813	RHEL 8 : expat (RHSA-2025:21776)	high
275793	RHEL 9 : kernel (RHSA-2025:21760)	high
275792	RHEL 9 : Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update (Moderate) (RHSA-2025:21768)	high
275791	RHEL 8 : libsoup (RHSA-2025:21772)	high
275770	RHEL 8 : bind (RHSA-2025:21740)	medium
275769	RHEL 8 : bind (RHSA-2025:21736)	high
275768	RHEL 9 : python-kdcproxy (RHSA-2025:21748)	high
275767	RHEL 8 : bind (RHSA-2025:21741)	medium
275754	RHEL 8 : bind (RHSA-2025:21735)	high
275715	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2025:21706)	high
275714	RHEL 7 : pcs (RHSA-2025:21696)	high
275713	RHEL 8 : kernel (RHSA-2025:21667)	high
275712	RHEL 9 : libsoup (RHSA-2025:21666)	high
275711	RHEL 10 : haproxy (RHSA-2025:21691)	high
275710	RHEL 10 : haproxy (RHSA-2025:21692)	high
275709	RHEL 8 : libsoup (RHSA-2025:21665)	high
275708	RHEL 9 : podman (RHSA-2025:21702)	high
275707	RHEL 9 : haproxy (RHSA-2025:21694)	high
275706	RHEL 9 : haproxy (RHSA-2025:21693)	high
275607	RHEL 7 : libsoup (RHSA-2025:21657)	medium
275606	RHEL 8 : libsoup (RHSA-2025:21664)	high
275605	RHEL 9 : libsoup (RHSA-2025:21655)	high
275604	RHEL 9 : libsoup (RHSA-2025:21656)	high
275582	RHEL 9 : buildah (RHSA-2025:21634)	high
275578	RHEL 10 : buildah (RHSA-2025:21633)	high
275574	RHEL 9 : kernel (RHSA-2025:21563)	medium
275573	RHEL 8 : lasso (RHSA-2025:21628)	critical
275550	RHEL 9 : openssl (RHSA-2025:21562)	high
275549	RHEL 9 : lasso (RHSA-2025:21405)	critical
275548	RHEL 10 : kernel (RHSA-2025:21463)	high
275547	RHEL 9 : lasso (RHSA-2025:21462)	critical
275546	RHEL 9 : lasso (RHSA-2025:21452)	critical
275543	RHEL 9 : libtiff (RHSA-2025:21506)	high
275542	RHEL 9 : libtiff (RHSA-2025:21508)	medium
275541	RHEL 8 : lasso (RHSA-2025:21401)	critical
275536	RHEL 9 : kernel (RHSA-2025:21469)	high
275535	RHEL 8 : lasso (RHSA-2025:21400)	critical
275534	RHEL 9 : libtiff (RHSA-2025:21507)	medium
275533	RHEL 10 : java-25-openjdk (RHSA-2025:21485)	high
275532	RHEL 9 : lasso (RHSA-2025:21403)	critical
275531	RHEL 7 : libtiff (RHSA-2025:21407)	medium
275527	RHEL 8 : kernel-rt (RHSA-2025:21397)	high
275526	RHEL 9 : python-kdcproxy (RHSA-2025:21448)	high
275525	RHEL 8 : lasso (RHSA-2025:21399)	critical
275524	RHEL 8 : lasso (RHSA-2025:21402)	critical
275523	RHEL 7 : lasso (RHSA-2025:21404)	critical

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

medium

medium

medium

high

high

high

high

high

medium

high

high

medium

high

high

high

high

high

high

high

high

high

high

high

medium

high

high

high

high

high

medium

critical

high

critical

high

critical

critical

high

medium

critical

high

critical

medium

high

critical

medium

high

high

critical

critical

critical