The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5941 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Heap buffer overflow related to VP9 encoding (CVE-2023-6349)

    * libvpx: Integer overflow in vpx_img_alloc() (CVE-2024-5197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5930 advisory.

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:5906 advisory.

    Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data     objects.

    Security Fix(es):

    * squid: Out-of-bounds write error may lead to Denial of Service (CVE-2024-37894)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5907 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam     (CVE-2024-1737)

    * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975)

    * bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content     (CVE-2024-4076)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5908 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam     (CVE-2024-1737)

    * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5886 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: bility to trust not validated macro signatures removed in high security mode     (CVE-2024-6472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5884 advisory.

    Kerberos is a network authentication system, which can improve the security of your network by eliminating     the insecure practice of sending passwords over the network in unencrypted form. It allows clients and     servers to authenticate to each other with the help of a trusted third party, the Kerberos key     distribution center (KDC).

    Security Fix(es):

    * krb5: GSS message token handling (CVE-2024-37371)

    * krb5: GSS message token handling (CVE-2024-37370)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5882 advisory.

    Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays     of data.  The language is a generic assembly language that represents many of the features available in     SIMD architectures, including saturated addition and subtraction, and many arithmetic operations.

    Security Fix(es):

    * orc: Stack-based buffer overflow vulnerability in ORC (CVE-2024-40897)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5883 advisory.

    The linux-firmware packages contain all of the firmware files that are required by various devices to     operate.

    Security Fix(es):

    * kernel: Reserved fields in guest message responses may not be zero initialized (AMD-     SN-3007,CVE-2023-31346)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5894 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam     (CVE-2024-1737)

    * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5871 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam     (CVE-2024-1737)

    * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5838 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam     (CVE-2024-1737)

    * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5813 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam     (CVE-2024-1737)

    * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975)

    * bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content     (CVE-2024-4076)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5812 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: Security issues via?backend applications whose response headers are malicious or exploitable     (CVE-2024-38476)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5856 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.7 serves as a     replacement for Red Hat JBoss Enterprise Application Platform 7.1.6, and includes bug fixes and     enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.7 Release Notes for information     about the most significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * undertow: EAP: field-name is not parsed in accordance to RFC7230 [eap-7.1.z] (CVE-2020-1710)

    * commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean     by default [eap-7.1.z] (CVE-2019-10086)

    * log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink [eap-7.1.z]     (CVE-2022-23302)

    * jackson-databind: default typing mishandling leading to remote code execution [eap-7.1.z]     (CVE-2019-14379)

    * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth [eap-7.1.z]     (CVE-2019-9514)

    * undertow: AJP File Read/Inclusion Vulnerability [eap-7.1.z] (CVE-2020-1745)

    * undertow: HTTP/2: large amount of data requests leads to denial of service [eap-7.1.z] (CVE-2019-9511)

    * undertow: servletPath in normalized incorrectly leading to dangerous application mapping which could     result in security bypass [eap-7.1.z] (CVE-2020-1757)

    * undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS [eap-7.1.z]     (CVE-2019-14888)

    * log4j: Unsafe deserialization flaw in Chainsaw log viewer [eap-7.1.z] (CVE-2022-23307)

    * netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length     header [eap-7.1.z] (CVE-2019-20445)

    * log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [eap-7.1.z]     (CVE-2021-4104)

    * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth [eap-7.1.z]     (CVE-2019-9515)

    * infinispan-core: infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private     methods [eap-7.1.z] (CVE-2019-10174)

    * log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [eap-7.1.z]     (CVE-2022-23305)

    * jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to     remote code execution [eap-7.1.z] (CVE-2019-12384)

    * wildfly-security-manager: security manager authorization bypass (CVE-2019-14843)

    * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)

    * netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)

    * jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531)

    * netty: HTTP request smuggling (CVE-2019-20444)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5832 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: Security issues via?backend applications whose response headers are malicious or exploitable     (CVE-2024-38476)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:5858 advisory.

    This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the     code of a running kernel.  This patch module is targeted for kernel-5.14.0-70.85.1.el9_0.

    Security Fix(es):

    * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

    * kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)

    * kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

    * kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5673 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)

    * kernel: igc: avoid returning frame twice in XDP_REDIRECT (CVE-2024-26853)

    * kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)

    * kernel: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (CVE-2023-52735)

    * kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)

    * kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)

    * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)

    * kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

    * kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

    * kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)

    * kernel: ice: Don't process extts if PTP is disabled (CVE-2024-42107)

    Bug Fix(es):

    * kernel-rt: update RT source tree to the latest RHEL-9.2 ad hoc schedule build (JIRA:RHEL-54222)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5672 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)

    * kernel: igc: avoid returning frame twice in XDP_REDIRECT (CVE-2024-26853)

    * kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)

    * kernel: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (CVE-2023-52735)

    * kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)

    * kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)

    * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)

    * kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

    * kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

    * kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)

    * kernel: ice: Don't process extts if PTP is disabled (CVE-2024-42107)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5446 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.48. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2024:5444

    Security Fix(es):

    * golang: net/http: memory exhaustion in Request.ParseMultipartForm     (CVE-2023-45290)
    * go-retryablehttp: url might write sensitive information to log file     (CVE-2024-6104)
    * golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped     IPv6 addresses (CVE-2024-24790)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5436 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.14.35. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2024:5433

    Security Fix(es):

    * golang: net/http: memory exhaustion in Request.ParseMultipartForm     (CVE-2023-45290)
    * golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped     IPv6 addresses (CVE-2024-24790)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5442 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.15.28. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2024:5439

    Security Fix(es):

    * golang: net/http: memory exhaustion in Request.ParseMultipartForm     (CVE-2023-45290)
    * golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped     IPv6 addresses (CVE-2024-24790)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.15 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.15/updating/updating_a_cluster/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5689 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5696 advisory.

    Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

    Security Fix(es):

    * tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)

    * tomcat: Denial of Service in Tomcat (CVE-2024-38286)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5694 advisory.

    Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

    Security Fix(es):

    * tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)

    * tomcat: Denial of Service in Tomcat (CVE-2024-38286)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5601 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: bility to trust not validated macro signatures removed in high security mode     (CVE-2024-6472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5693 advisory.

    Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

    Security Fix(es):

    * tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)

    * tomcat: Denial of Service in Tomcat (CVE-2024-38286)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5695 advisory.

    Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

    Security Fix(es):

    * tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)

    * tomcat: Denial of Service in Tomcat (CVE-2024-38286)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5692 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)

    * kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)

    * kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)

    * kernel: wifi: iwlwifi: dbg-tlv: ensure NUL termination (CVE-2024-35845)

    * kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)

    * kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)

    * kernel: isdn: mISDN: Fix sleeping function called from invalid context (CVE-2021-47468)

    * kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)

    * kernel: wifi: nl80211: don't free NULL coalescing rule (CVE-2024-36941)

    * kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)

    * kernel: gfs2: Fix potential glock use-after-free on unmount (CVE-2024-38570)

    * kernel: KVM: x86: nSVM: fix potential NULL derefernce on nested migration (CVE-2022-48793)

    * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5655 advisory.

    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
    BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing     with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es):

    * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam     (CVE-2024-1737)

    * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5654 advisory.

    The curl packages provide the libcurl library and the curl utility for downloading files from servers     using various protocols, including HTTP, FTP, and LDAP.

    Security Fix(es):

    * curl: HTTP/2 push headers memory-leak (CVE-2024-2398)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5662 advisory.

    Red Hat Satellite is a system management solution that allows organizations     to configure and maintain their systems without the necessity to provide     public Internet access to their servers or other client systems. It     performs provisioning and configuration management of predefined standard     operating environments.

    Users of Red Hat Satellite are advised to upgrade to these updated     packages, which fix these bugs.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5630 advisory.

    Kerberos is a network authentication system, which can improve the security of your network by eliminating     the insecure practice of sending passwords over the network in unencrypted form. It allows clients and     servers to authenticate to each other with the help of a trusted third party, the Kerberos key     distribution center (KDC).

    Security Fix(es):

    * krb5: GSS message token handling (CVE-2024-37371)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5634 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

    * go-retryablehttp: url might write sensitive information to log file (CVE-2024-6104)

    * gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization (CVE-2024-37298)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5638 advisory.

    Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays     of data.  The language is a generic assembly language that represents many of the features available in     SIMD architectures, including saturated addition and subtraction, and many arithmetic operations.

    Security Fix(es):

    * orc: Stack-based buffer overflow vulnerability in ORC (CVE-2024-40897)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5633 advisory.

    The fence-agents packages provide a collection of scripts for handling remote power management for cluster     devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.

    Security Fix(es):

    * urllib3: proxy-authorization request header is not stripped during cross-origin redirects     (CVE-2024-37891)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5643 advisory.

    Kerberos is a network authentication system, which can improve the security of your network by eliminating     the insecure practice of sending passwords over the network in unencrypted form. It allows clients and     servers to authenticate to each other with the help of a trusted third party, the Kerberos key     distribution center (KDC).

    Security Fix(es):

    * krb5: GSS message token handling (CVE-2024-37371)

    * krb5: GSS message token handling (CVE-2024-37370)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5640 advisory.

    The linux-firmware packages contain all of the firmware files that are required by various devices to     operate.

    Security Fix(es):

    * kernel: Reserved fields in guest message responses may not be zero initialized (CVE-2023-31346)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5625 advisory.

    Kerberos is a network authentication system, which can improve the security of your network by eliminating     the insecure practice of sending passwords over the network in unencrypted form. It allows clients and     servers to authenticate to each other with the help of a trusted third party, the Kerberos key     distribution center (KDC).

    Security Fix(es):

    * krb5: GSS message token handling (CVE-2024-37371)

    * krb5: GSS message token handling (CVE-2024-37370)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5629 advisory.

    Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays     of data.  The language is a generic assembly language that represents many of the features available in     SIMD architectures, including saturated addition and subtraction, and many arithmetic operations.

    Security Fix(es):

    * orc: Stack-based buffer overflow vulnerability in ORC (CVE-2024-40897)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5644 advisory.

    The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar     operating systems.

    Security Fix(es):

    * cups: Cupsd Listen arbitrary chmod 0140777 (CVE-2024-35235)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:5623 advisory.

    EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package     contains a sample 64-bit UEFI firmware for QEMU and KVM.

    Security Fix(es):

    * edk2: Temporary DoS vulnerability (CVE-2024-1298)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5622 advisory.

    The fence-agents packages provide a collection of scripts for handling remote power management for cluster     devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.

    Security Fix(es):

    * urllib3: proxy-authorization request header is not stripped during cross-origin redirects     (CVE-2024-37891)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5627 advisory.

    The fence-agents packages provide a collection of scripts for handling remote power management for cluster     devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.

    Security Fix(es):

    * urllib3: proxy-authorization request header is not stripped during cross-origin redirects     (CVE-2024-37891)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5608 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: bility to trust not validated macro signatures removed in high security mode     (CVE-2024-6472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5599 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: bility to trust not validated macro signatures removed in high security mode     (CVE-2024-6472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5598 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: bility to trust not validated macro signatures removed in high security mode     (CVE-2024-6472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5607 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: bility to trust not validated macro signatures removed in high security mode     (CVE-2024-6472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:5522 advisory.

    This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the     code of a running kernel.  This patch module is targeted for kernel-4.18.0-553.el8_10.

    Security Fix(es):

    * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

    * kernel: net: UAF in network route management (CVE-2024-36971)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5583 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: bility to trust not validated macro signatures removed in high security mode     (CVE-2024-6472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
206278	RHEL 8 : libvpx (RHSA-2024:5941)	medium
206270	RHEL 7 : bind (RHSA-2024:5930)	high
206244	RHEL 9 : squid (RHSA-2024:5906)	medium
206243	RHEL 9 : bind and bind-dyndb-ldap (RHSA-2024:5907)	high
206242	RHEL 8 : bind (RHSA-2024:5908)	high
206232	RHEL 8 : libreoffice (RHSA-2024:5886)	high
206231	RHEL 8 : krb5 (RHSA-2024:5884)	critical
206230	RHEL 8 : orc:0.4.28 (RHSA-2024:5882)	medium
206229	RHEL 8 : linux-firmware (RHSA-2024:5883)	medium
206228	RHEL 7 : bind (RHSA-2024:5894)	high
206221	RHEL 8 : bind (RHSA-2024:5871)	high
206213	RHEL 8 : bind (RHSA-2024:5838)	high
206212	RHEL 9 : bind and bind-dyndb-ldap (RHSA-2024:5813)	high
206211	RHEL 9 : httpd (RHSA-2024:5812)	critical
206210	RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.7 on RHEL 7 (RHSA-2024:5856)	critical
206209	RHEL 9 : httpd (RHSA-2024:5832)	critical
206208	RHEL 9 : kpatch-patch-5_14_0-70_85_1 (RHSA-2024:5858)	high
206197	RHEL 9 : kernel-rt (RHSA-2024:5673)	high
206196	RHEL 9 : kernel (RHSA-2024:5672)	high
206116	RHEL 8 / 9 : OpenShift Container Platform 4.13.48 (RHSA-2024:5446)	critical
206101	RHEL 8 / 9 : OpenShift Container Platform 4.14.35 (RHSA-2024:5436)	critical
206100	RHEL 8 / 9 : OpenShift Container Platform 4.15.28 (RHSA-2024:5442)	critical
206034	RHEL 9 : python3.9 (RHSA-2024:5689)	high
206033	RHEL 9 : tomcat (RHSA-2024:5696)	high
206032	RHEL 8 : tomcat (RHSA-2024:5694)	high
206031	RHEL 8 : libreoffice (RHSA-2024:5601)	high
206030	RHEL 9 : tomcat (RHSA-2024:5693)	high
206029	RHEL 8 : tomcat (RHSA-2024:5695)	high
206028	RHEL 8 : kernel (RHSA-2024:5692)	high
205889	RHEL 8 : bind (RHSA-2024:5655)	high
205888	RHEL 8 : curl (RHSA-2024:5654)	high
205887	RHEL 8 : Satellite 6.15.3 Security Update (Moderate) (RHSA-2024:5662)	high
205885	RHEL 9 : krb5 (RHSA-2024:5630)	critical
205884	RHEL 9 : podman (RHSA-2024:5634)	medium
205883	RHEL 9 : orc:0.4.31 (RHSA-2024:5638)	medium
205882	RHEL 9 : fence-agents (RHSA-2024:5633)	medium
205881	RHEL 9 : krb5 (RHSA-2024:5643)	critical
205880	RHEL 9 : linux-firmware (RHSA-2024:5640)	medium
205879	RHEL 8 : krb5 (RHSA-2024:5625)	critical
205878	RHEL 9 : orc (RHSA-2024:5629)	medium
205877	RHEL 9 : cups (RHSA-2024:5644)	medium
205876	RHEL 8 : edk2 (RHSA-2024:5623)	medium
205875	RHEL 8 : fence-agents (RHSA-2024:5622)	medium
205874	RHEL 9 : fence-agents (RHSA-2024:5627)	medium
205870	RHEL 8 : libreoffice (RHSA-2024:5608)	high
205869	RHEL 8 : libreoffice (RHSA-2024:5599)	high
205868	RHEL 8 : libreoffice (RHSA-2024:5598)	high
205867	RHEL 9 : libreoffice (RHSA-2024:5607)	high
205866	RHEL 8 : kpatch-patch-4_18_0-553 (RHSA-2024:5522)	high
205817	RHEL 9 : libreoffice (RHSA-2024:5583)	high

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

medium

high

medium

high

high

high

critical

medium

medium

high

high

high

high

critical

critical

critical

high

high

high

critical

critical

critical

high

high

high

high

high

high

high

high

high

high

critical

medium

medium

medium

critical

medium

critical

medium

medium

medium

medium

medium

high

high

high

high

high

high