The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4624 advisory.

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4623 advisory.

    Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string,     xml, and network handling in Qt.

    Security Fix(es):

    * qtbase: qtbase: Delay any communication until encrypted() can be responded to (CVE-2024-39936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4621 advisory.

    Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string,     xml, and network handling in Qt.

    Security Fix(es):

    * qtbase: qtbase: Delay any communication until encrypted() can be responded to (CVE-2024-39936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4617 advisory.

    Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string,     xml, and network handling in Qt.

    Security Fix(es):

    * qtbase: qtbase: Delay any communication until encrypted() can be responded to (CVE-2024-39936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4633 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in     log_entry_attr) (CVE-2024-1062)

    * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)

    * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)

    * 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4560 advisory.

    The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java     Software Development Kit.

    Security Fix(es):

    * OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147)

    * OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131)

    * OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138)

    * OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140)

    * OpenJDK: Pack200 increase loading time due to improper header validation (8322106) (CVE-2024-21144)

    * OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4622 advisory.

    Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery     Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

    Security Fix(es):

    * libndp: buffer overflow in route information length field (CVE-2024-5564)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4625 advisory.

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in NSS (CVE-2024-6602)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4618 advisory.

    Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery     Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

    Security Fix(es):

    * libndp: buffer overflow in route information length field (CVE-2024-5564)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4610 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4619 advisory.

    Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery     Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

    Security Fix(es):

    * libndp: buffer overflow in route information length field (CVE-2024-5564)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4563 advisory.

    The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java     Software Development Kit.

    Security Fix(es):

    * OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147)

    * OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131)

    * OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138)

    * OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140)

    * OpenJDK: Pack200 increase loading time due to improper header validation (8322106) (CVE-2024-21144)

    * OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4568 advisory.

    The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java     Software Development Kit.

    Security Fix(es):

    * OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147)

    * OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131)

    * OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138)

    * OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140)

    * OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4590 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4586 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4573 advisory.

    The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java     Software Development Kit.

    Security Fix(es):

    * OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147)

    * OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131)

    * OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138)

    * OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140)

    * OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4583 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

    * kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in     hns_dsaf_ge_srst_by_port() (CVE-2021-47548)

    * kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)

    * kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)

    * kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)

    * kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)

    * kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after     populating the metadata_map (CVE-2024-26858)

    * kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)

    * kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)

    * kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)

    * kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)

    * kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543)

    * kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)

    * kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593)

    * kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)

    * kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957)

    * kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4486 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.45. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2024:4484

    Security Fix(es):

    * cri-o: malicious container can create symlink on host (CVE-2024-5154)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4575 advisory.

    The linux-firmware packages contain all of the firmware files that are required by various devices to     operate.

    Security Fix(es):

    * hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635)

    * hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-40964)

    * hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329)

    * hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem     (CVE-2023-20592)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4581 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4579 advisory.

    Git is a distributed revision control system with a decentralized architecture. As opposed to centralized     version control systems with a client-server model, Git ensures that each working copy of a Git repository     is an exact copy with complete revision history. This not only allows the user to work on and contribute     to projects without the need to have permission to push the changes to their official repositories, but     also makes it possible for the user to work with no network connection.

    Security Fix(es):

    * git: Recursive clones RCE (CVE-2024-32002)

    * git: RCE while cloning local repos (CVE-2024-32004)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4580 advisory.

    The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar     operating systems.

    Security Fix(es):

    * cups: Cupsd Listen arbitrary chmod 0140777 (CVE-2024-35235)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4576 advisory.

    libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C.

    Security Fix(es):

    * nghttp2: CONTINUATION frames DoS (CVE-2024-28182)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4577 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4559 advisory.

    Node.js is a software development platform for building fast and scalable network applications in the     JavaScript programming language.

    Security Fix(es):

    * nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service     (CVE-2024-22025)

    * nodejs: HTTP Request Smuggling via Content Length Obfuscation (CVE-2024-27982)

    * c-ares: Out of bounds read in ares__read_line() (CVE-2024-25629)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4554 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: tls: race between tx work scheduling and socket close (CVE-2024-26585)

    * kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)

    * kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)

    * kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720)

    * kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)

    * kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)

    * kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852)

    * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

    * kernel: icmp: prevent possible NULL dereferences from icmp_build_probe() (CVE-2024-35857)

    * kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)

    * kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (CVE-2024-35969)

    * kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)

    * kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in     hns_dsaf_ge_srst_by_port() (CVE-2021-47548)

    * kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)

    * kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4543 advisory.

    Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics     with text pointers inside Git, while storing the file contents on a remote server.

    Security Fix(es):

    * golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS     (CVE-2023-45288,VU#421644.3)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4547 advisory.

    This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the     code of a running kernel.  This patch module is targeted for kernel-4.18.0-372.87.1.el8_6.

    Security Fix(es):

    * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4542 advisory.

    Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text     files and to perform system management tasks.

    Security Fix(es):

    * ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4541 advisory.

    The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript     translates PostScript code to common bitmap formats so that the code can be displayed or printed.

    Security Fix(es):

    * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4545 advisory.

    Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics     with text pointers inside Git, while storing the file contents on a remote server.

    Security Fix(es):

    * golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS     (CVE-2023-45288,VU#421644.3)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4544 advisory.

    The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript     translates PostScript code to common bitmap formats so that the code can be displayed or printed.

    Security Fix(es):

    * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4546 advisory.

    Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics     with text pointers inside Git, while storing the file contents on a remote server.

    Security Fix(es):

    * golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS     (CVE-2023-45288,VU#421644.3)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4548 advisory.

    This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the     code of a running kernel.  This patch module is targeted for kernel-5.14.0-284.48.1.el9_2.

    Security Fix(es):

    * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4502 advisory.

    The skopeo command lets you inspect images from container image registries, get images and image layers,     and use signatures to create and verify files.

    Security Fix(es):

    * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4549 advisory.

    The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript     translates PostScript code to common bitmap formats so that the code can be displayed or printed.

    Security Fix(es):

    * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4500 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4517 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4508 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4537 advisory.

    The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript     translates PostScript code to common bitmap formats so that the code can be displayed or printed.

    Security Fix(es):

    * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4501 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13     (CVE-2024-6604)

    * Mozilla: Race condition in permission assignment (CVE-2024-6601)

    * Mozilla: Memory corruption in thread creation (CVE-2024-6603)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4533 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

    * kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in     hns_dsaf_ge_srst_by_port() (CVE-2021-47548)

    * kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)

    * kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)

    * kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)

    * kernel: tls: race between async notify and socket close (CVE-2024-26583)

    * kernel: tls: race between tx work scheduling and socket close (CVE-2024-26585)

    * kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720)

    * kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)

    * kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)

    * kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852)

    * kernel: icmp: prevent possible NULL dereferences from icmp_build_probe() (CVE-2024-35857)

    * kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)

    * kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (CVE-2024-35969)

    * kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)

    * kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4529 advisory.

    The less utility is a text file browser that resembles more, but allows users to move backwards in the     file as well as forwards. Since less does not read the entire input file at startup, it also starts more     quickly than ordinary text editors.

    Security Fix(es):

    * less: OS command injection (CVE-2024-32487)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4527 advisory.

    The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript     translates PostScript code to common bitmap formats so that the code can be displayed or printed.

    Security Fix(es):

    * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4528 advisory.

    The less utility is a text file browser that resembles more, but allows users to move backwards in the     file as well as forwards. Since less does not read the entire input file at startup, it also starts more     quickly than ordinary text editors.

    Security Fix(es):

    * less: OS command injection (CVE-2024-32487)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4522 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):

    * automation-controller: jinja2: accepts keys containing non-attribute characters (CVE-2024-34064)
    * automation-controller: jwcrypto: malicious JWE token can cause denial of service (CVE-2024-28102)
    * automation-controller: requests: subsequent requests to the same host ignore cert verification     (CVE-2024-35195)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Updates and fixes for automation controller:
    * Fixed a bug where the controller does not respect DATABASES[OPTIONS] setting, if specified     (AAP-26398)
    * Changed all uses of ImplicitRoleField to perform an on_delete=SET_NULL (AAP-25136)
    * Fixed the HostMetric automated counter to display the correct values (AAP-25115)
    * Added Django logout redirects (AAP-24543)
    * automation-controller has been updated to 4.5.8

    Additional changes:
    * aap-metrics-utility has been updated to 0.3.0 (AAP-25875)
    * ansible-core has been updated to 2.15.12 (AAP-25536)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4499 advisory.

    Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text     files and to perform system management tasks.

    Security Fix(es):

    * rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 (CVE-2023-36617)

    * ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)

    * ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)

    * ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)

    * REXML: DoS parsing an XML with many `<`s in an attribute value (CVE-2024-35176)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4504 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4457 advisory.

    OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating     systems. It includes the core files necessary for both the OpenSSH client and server.

    Security Fix(es):

    * openssh: Possible remote code execution due to a race condition in signal handling affecting Red Hat     Enterprise Linux 9 (CVE-2024-6409)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4456 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
202612	RHEL 9 : thunderbird (RHSA-2024:4624)	high
202611	RHEL 9 : qt5-qtbase (RHSA-2024:4623)	medium
202610	RHEL 8 : qt5-qtbase (RHSA-2024:4621)	medium
202609	RHEL 8 : qt5-qtbase (RHSA-2024:4617)	medium
202608	RHEL 9 : 389-ds-base (RHSA-2024:4633)	high
202607	RHEL 7 : java-1.8.0-openjdk (RHSA-2024:4560)	high
202606	RHEL 7 : libndp (RHSA-2024:4622)	high
202605	RHEL 9 : thunderbird (RHSA-2024:4625)	critical
202604	RHEL 8 : libndp (RHSA-2024:4618)	high
202603	RHEL 8 : firefox (RHSA-2024:4610)	high
202602	RHEL 9 : libndp (RHSA-2024:4619)	high
202582	RHEL 8 / 9 : java-1.8.0-openjdk (RHSA-2024:4563)	high
202580	RHEL 8 / 9 : java-17-openjdk (RHSA-2024:4568)	high
202575	RHEL 8 : firefox (RHSA-2024:4590)	high
202574	RHEL 8 : firefox (RHSA-2024:4586)	high
202573	RHEL 8 / 9 : java-21-openjdk (RHSA-2024:4573)	high
202561	RHEL 9 : kernel (RHSA-2024:4583)	high
202560	RHEL 8 / 9 : OpenShift Container Platform 4.13.45 (RHSA-2024:4486)	high
202500	RHEL 8 : linux-firmware (RHSA-2024:4575)	medium
202499	RHEL 9 : podman (RHSA-2024:4581)	high
202498	RHEL 8 : git (RHSA-2024:4579)	critical
202497	RHEL 8 : cups (RHSA-2024:4580)	medium
202496	RHEL 8 : nghttp2 (RHSA-2024:4576)	medium
202495	RHEL 8 : kernel (RHSA-2024:4577)	high
202479	RHEL 9 : nodejs (RHSA-2024:4559)	medium
202457	RHEL 9 : kernel-rt (RHSA-2024:4554)	high
202403	RHEL 9 : git-lfs (RHSA-2024:4543)	high
202402	RHEL 8 : kpatch-patch-4_18_0-372_91_1 (RHSA-2024:4547)	high
202401	RHEL 9 : ruby (RHSA-2024:4542)	high
202400	RHEL 9 : ghostscript (RHSA-2024:4541)	high
202399	RHEL 8 : git-lfs (RHSA-2024:4545)	high
202398	RHEL 8 : ghostscript (RHSA-2024:4544)	high
202397	RHEL 8 : git-lfs (RHSA-2024:4546)	high
202396	RHEL 9 : kpatch-patch-5_14_0-284_48_1 (RHSA-2024:4548)	high
202395	RHEL 9 : skopeo (RHSA-2024:4502)	high
202394	RHEL 7 : ghostscript (RHSA-2024:4549)	high
202377	RHEL 9 : firefox (RHSA-2024:4500)	high
202376	RHEL 8 : firefox (RHSA-2024:4517)	high
202375	RHEL 7 : firefox (RHSA-2024:4508)	high
202374	RHEL 8 : ghostscript (RHSA-2024:4537)	high
202373	RHEL 9 : firefox (RHSA-2024:4501)	high
202371	RHEL 9 : kernel (RHSA-2024:4533)	high
202370	RHEL 9 : less (RHSA-2024:4529)	high
202369	RHEL 8 : ghostscript (RHSA-2024:4527)	high
202368	RHEL 9 : less (RHSA-2024:4528)	high
202258	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:4522)	medium
202189	RHEL 8 : ruby (RHSA-2024:4499)	medium
202188	RHEL 9 : httpd (RHSA-2024:4504)	high
202158	RHEL 9 : openssh (RHSA-2024:4457)	high
202157	RHEL 8 : python3 (RHSA-2024:4456)	high

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

high

medium

medium

medium

high

high

high

critical

high

high

high

high

high

high

high

high

high

high

medium

high

critical

medium

medium

high

medium

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

medium

medium

high

high

high