The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2653 advisory.

    The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and     customizable boot loader with modular architecture. The packages support a variety of kernel formats, file     systems, computer architectures, and hardware devices.

    Security Fix(es):

    * grub2: net: Out-of-bounds write in grub_net_search_config_file() (CVE-2025-0624)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2667 advisory.

    .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new     APIs, and it includes a CLR implementation.

    New versions of .NET that address a security vulnerability are now available. The updated versions are     .NET SDK 9.0.104 and .NET Runtime 9.0.3.Security Fix(es):

    * dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method     (CVE-2025-24070)

    Bug Fix(es) and Enhancement(s):

    * dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method (BZ#2349733)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2480 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2482 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml2: Use-After-Free in libxml2 (CVE-2024-56171)

    * libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:2699 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2686 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml2: Use-After-Free in libxml2 (CVE-2024-56171)

    * libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2470 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * python-tornado: Tornado has HTTP cookie parsing DoS vulnerability (CVE-2024-52804)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2471 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * python-tornado: Tornado has HTTP cookie parsing DoS vulnerability (CVE-2024-52804)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2488 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: can: bcm: Fix UAF in bcm_proc_show() (CVE-2023-52922)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2502 advisory.

    Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop     environment not only on the machine where it is running, but from anywhere on the Internet and from a wide     variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

    Security Fix(es):

    * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594)

    * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601)

    * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600)

    * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599)

    * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598)

    * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)

    * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596)

    * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2668 advisory.

    .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new     APIs, and it includes a CLR implementation.

    New versions of .NET that address a security vulnerability are now available. The updated versions are     .NET SDK 9.0.104 and .NET Runtime 9.0.3.Security Fix(es):

    * dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method     (CVE-2025-24070)

    Bug Fix(es) and Enhancement(s):

    * dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method (BZ#2349733)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2443 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.74. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2025:2441

    Security Fix(es):

    * podman: buildah: Container breakout by using --jobs=2 and a race     condition when building a malicious Containerfile (CVE-2024-11218)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2500 advisory.

    Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop     environment not only on the machine where it is running, but from anywhere on the Internet and from a wide     variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

    Security Fix(es):

    * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594)

    * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601)

    * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600)

    * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599)

    * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598)

    * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)

    * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596)

    * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2479 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2476 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2517 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: can: bcm: Fix UAF in bcm_proc_show() (CVE-2023-52922)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:2708 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2669 advisory.

    .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new     APIs, and it includes a CLR implementation.

    New versions of .NET that address a security vulnerability are now available. The updated versions are     .NET SDK 8.0.114 and .NET Runtime 8.0.14.Security Fix(es):

    * dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method     (CVE-2025-24070)

    Bug Fix(es) and Enhancement(s):

    * dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method (BZ#2349733)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:2484 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:2518 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):

    * automation-gateway: Mutation XSS in DOMPurify Due to Improper Template Literal Handling (CVE-2025-26791)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Updates and fixes included:

    Automation Platform
    * Fixed an issue that would prevent some types of resources from getting synced if there was a naming     conflict (AAP-41241)
    * Fixed an issue where login would fail for users who were members of a team or organization that had a     naming conflict (AAP-41240)
    * Fixed an issue in the user collection module where running with state: present would cause a stack trace     (AAP-40887)
    * Fixed an issue preventing the controller admin password to get set for the gateway admin account during     upgrades (AAP-40839)
    * Fixed an issue that caused updates to SAML authenticators to ignore an updated public certificate     provided via UI or API and then fail with the message The certificate and private key do not match     (AAP-40767)
    * Allow services to request cloud.redhat.com settings from gateway using ServiceTokenAuth (AAP-39649)
    * Fixed ServiceAuthToken destroy method to allow HTTP delete via ServiceAuth to work properly (AAP-37630)
    * automation-gateway has been updated to 2.5.20250312
    * python3.11-django-ansible-base has been updated to 2.5.20250312

    Automation controller
    * Fixed the indirect host counting name to not record the hostname, but from the query result instead     (AAP-41033)
    * Fixed OpaClient to initialize properly after timeouts and retries (AAP-40997)
    * Added service account credentials for Analytics in controller (AAP-40769)
    * Added a helper method in the API for fetching the service account token from sso.redhat.com (AAP-39637)
    * automation-controller has been updated to 4.6.9

    Event-Driven Ansible
    * Fixed ansible-rulebook support for third party python libraries (AAP-41341)
    * Modified the behavior of the ansible-rulebook and Event-Driven Ansible to help with issues when the     activation correctly started was considered unresponsive and scheduled for restarting (AAP-41070)
    * Added support for editing and copying of rulebook activations in the API (AAP-40254)
    * Rulebook activations' log message field is separated into timestamps and message fields (AAP-39743)
    * Fixed a bug where the activation was incorrectly restarted with the error message Missing container for     running activation (AAP-39545)
    * Event streams now connect to PostgreSQL by using the certificates configured at the installation     (AAP-39294)
    * User is now required to give a user defined name when copying a credential. The new credential name must     be unique (AAP-39079)
    * Enhanced error messages related to Decision Environments (AAP-38941)
    * Decision environment urls are now validated against OCI specification to ensure successful     authentication to the container registry when pulling the image (AAP-38822)
    * ansible-rulebook has been updated to 1.1.3
    * automation-eda-controller has been updated to 1.1.6

    Receptor:
    * Fixed an issue where receptor was creating too many inotify processes, and where the user would     encounter a too many open files error (AAP-22605)
    * receptor has been updated to 1.5.3

    Container-based Ansible Automation Platform
    * Corrected the URL in the postinstall code for automation hub to use the gateway proxy URL (AAP-41306)
    * Deprecated the variables eda_main_url and hub_main_url in favor of the gateway proxy URL (AAP-41306)
    * Receptor mesh connections are now created between all automation controller nodes (AAP-41102)
    * Fixed receptor configuration related to the container group instances type (AAP-40431)
    * Fixed behavior that would hide the errors during EDA status validation (AAP-40021)
    * Ensure the polkit RPM package is installed in order to enable user lingering (AAP-39860)
    * containerized installer setup has been updated to 2.5-11

    RPM-based Ansible Automation Platform
    * Fixed an issue where SELinux relabeling didn't happen when fcontext rules were changed (AAP-40489)
    * Fixed an issue where the credentials for execution environments and decision environments hosted in     automation hub were incorrectly configured (AAP-40419)
    * Fixed an issue where projects failed to sync due to incorrectly configured credentials for ansible     collections hosted in automation hub (AAP-40418)
    * Managed CA will now correctly assign eligible groups during discovery during installation, backup and     restore (AAP-40277)
    * Implemented argument to collect sosreport using the setup script (AAP-40085)
    * EDA Activation logging is now provided via the journald driver (AAP-39745)
    * ansible-automation-platform-installer and installer setup have been updated to 2.5-9

    Additional changes:
    * ansible-creator has been updated to 25.0.0
    * ansible-dev-environment has been updated to 25.1.0
    * ansible-dev-tools has been updated to 25.2.0
    * ansible-lint has been updated to 25.1.2
    * ansible-navigator has been updated to 25.1.0
    * automation-hub has been updated to 4.10.2
    * molecule has been updated to 25.2.0
    * python3.11-ansible-compat has been updated to 25.1.2
    * python3.11-galaxy-importer has been updated to 0.4.28
    * python3.11-galaxy-ng has been updated to 4.10.2
    * python3.11-jsonschema-path has been updated to 0.3.4
    * python3.11-podman has been updated to 5.2.0
    * python3.11-pytest-ansible has been updated to 25.1.0
    * python3.11-referencing has been updated to 0.36.2
    * python3.11-tox-ansible has been updated to 25.1.0
    * python3.11-typing-extensions has been updated to 4.9.0

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2475 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2654 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml2: Use-After-Free in libxml2 (CVE-2024-56171)

    * libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2510 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: can: bcm: Fix UAF in bcm_proc_show() (CVE-2023-52922)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2507 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml: use-after-free in xmlXIncludeAddNode (CVE-2022-49043)

    * libxml2: Use-After-Free in libxml2 (CVE-2024-56171)

    * libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2784 advisory.

    The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and     customizable boot loader with modular architecture. The packages support a variety of kernel formats, file     systems, computer architectures, and hardware devices.

    Security Fix(es):

    * grub2: net: Out-of-bounds write in grub_net_search_config_file() (CVE-2025-0624)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2799 advisory.

    The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and     customizable boot loader with modular architecture. The packages support a variety of kernel formats, file     systems, computer architectures, and hardware devices.

    Security Fix(es):

    * grub2: net: Out-of-bounds write in grub_net_search_config_file() (CVE-2025-0624)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2524 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: can: bcm: Fix UAF in bcm_proc_show() (CVE-2023-52922)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:2486 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2722 advisory.

    Kerberos is a network authentication system, which can improve the security of your network by eliminating     the insecure practice of sending passwords over the network in unencrypted form. It allows clients and     servers to authenticate to each other with the help of a trusted third party, the Kerberos key     distribution center (KDC).

    Security Fix:

    * CVE-2025-24528 krb5: overflow when calculating ulog block size

    Bug fix:

    * kdb5_util: fix DB entry flags on modification

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2474 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    * kernel: scsi: megaraid_sas: Fix for a potential deadlock (CVE-2024-57807)

    * kernel: pps: Fix a use-after-free (CVE-2024-57979)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2501 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: can: bcm: Fix UAF in bcm_proc_show() (CVE-2023-52922)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2525 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: arm64/sve: Discard stale CPU state when handling SVE traps (CVE-2024-50275)

    * kernel: can: bcm: Fix UAF in bcm_proc_show() (CVE-2023-52922)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2473 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

    * kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices     (CVE-2024-53197)

    * kernel: scsi: megaraid_sas: Fix for a potential deadlock (CVE-2024-57807)

    * kernel: pps: Fix a use-after-free (CVE-2024-57979)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:2485 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2678 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml: use-after-free in xmlXIncludeAddNode (CVE-2022-49043)

    * libxml2: Use-After-Free in libxml2 (CVE-2024-56171)

    * libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2673 advisory.

    The libxml2 library is a development toolbox providing the implementation of various XML standards.

    Security Fix(es):

    * libxml2: Use-After-Free in libxml2 (CVE-2024-56171)

    * libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9553 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * webkitgtk: Visiting a malicious website may lead to address bar spoofing (CVE-2024-40866)

    * webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-44187)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44185)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44244)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy     from being enforced (CVE-2024-44296)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9638 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * webkitgtk: type confusion may lead to arbitrary code execution (CVE-2024-23222)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27808)

    * webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution     (CVE-2024-27833)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44185)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44244)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9679 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * webkitgtk: Memory corruption issue when processing web content (CVE-2022-32885)

    * webkitgtk: arbitrary javascript code execution (CVE-2023-40397)

    * webkitgtk: Arbitrary Remote Code Execution (CVE-2023-42917)

    * webkitgtk: type confusion may lead to arbitrary code execution (CVE-2024-23222)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852)

    * chromium-browser: Use after free in ANGLE (CVE-2024-4558)

    * webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution (CVE-2024-40776)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-40789)

    * webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40780)

    * webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40779)

    * webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management (CVE-2024-40782)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27808)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27820)

    * webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution     (CVE-2024-27833)

    * webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution     (CVE-2024-27851)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44185)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44244)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9636 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * chromium-browser: Use after free in ANGLE (CVE-2024-4558)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-40789)

    * webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40780)

    * webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40779)

    * webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management (CVE-2024-40782)

    * webkitgtk: Visiting a malicious website may lead to address bar spoofing (CVE-2024-40866)

    * webkitgtk: A malicious website may cause unexpected cross-origin behavior (CVE-2024-23271)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27820)

    * webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2024-27838)

    * webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution     (CVE-2024-27851)

    * webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-44187)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44185)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44244)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy     from being enforced (CVE-2024-44296)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9646 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * webkitgtk: Memory corruption issue when processing web content (CVE-2022-32885)

    * webkitgtk: arbitrary javascript code execution (CVE-2023-40397)

    * webkitgtk: Arbitrary Remote Code Execution (CVE-2023-42917)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852)

    * chromium-browser: Use after free in ANGLE (CVE-2024-4558)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-40789)

    * webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40780)

    * webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40779)

    * webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management (CVE-2024-40782)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27808)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27820)

    * webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution     (CVE-2024-27833)

    * webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution     (CVE-2024-27851)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44185)

    * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process     crash (CVE-2024-44244)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8994 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.15.38. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2024:8991

    Security Fix(es):

    * buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.15 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.15/updating/updating_a_cluster/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0372 advisory.

    The kernel-aarch64 package contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write     (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to     gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
    (CVE-2016-5195, Important)

    * Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area     Network(CONFIG_VXLAN) with Transparent Ethernet Bridging(TEB) GRO support, is vulnerable to a stack     overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could     unfold in both VLAN and TEB modules, leading to a stack corruption in the kernel. (CVE-2016-7039,     Important)

    Red Hat would like to thank Phil Oester for reporting CVE-2016-5195.

    Bug Fix(es):

    * Previously, the operating system did not support the Mellanox ConnectX-4 PCIe Network Interface     Controllers (NIC) in Ethernet mode. This update enables Ethernet support in the mlx5 driver. As a result,     the Mellanox ConnectX-4 PCIe NICs now work in Ethernet mode as expected. (BZ#1413108)

    * On the Qualcomm Datacenter Technologies server platform with Qualcomm Datacenter Technologies Centriq     2400 CPU (QDF2400v1) memory accesses sometimes allocated Translation Lookaside Buffer (TLB) entries using     an incorrect Address Space ID (ASID). This could consequently result in memory corruption and crashes     under certain conditions. The underlying source code has been modified to handle the TTBRx_EL1[ASID] and     TTBRx_EL1[BADDR] fields separately using a reserved ASID, and the described problem no longer occurs.
    (BZ#1421765)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:2452 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2399 advisory.

    Red Hat Satellite is a system management solution that allows organizations     to configure and maintain their systems without the necessity to provide     public Internet access to their servers or other client systems. It     performs provisioning and configuration management of predefined standard     operating environments.

    Security Fix(es):

    * python-jinja2: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326)

    * python-django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)

    Users of Red Hat Satellite are advised to upgrade to these updated     packages, which fix these bugs.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2359 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: Use-after-free in WebTransportChild (CVE-2025-1931)

    * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930)

    * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934)

    * firefox: Clickjacking the registerProtocolHandler info-bar  Reporter (CVE-2025-1935)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and     Thunderbird 128.8 (CVE-2025-1938)

    * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21,     Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

    * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932)

    * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents     (CVE-2025-1936)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2426 advisory.

    The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate     System.

    Security Fix(es):

    * jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods     (CVE-2020-11023)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9551 advisory.

    The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries     and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

    Security Fix(es):

    * golang-fips: Golang FIPS zeroed buffer (CVE-2024-9355)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0693 advisory.

    Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can     contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data     set. You can persist it either by dumping the data set to disk every once in a while, or by appending each     command to a log.

    Security Fix(es):

    * redis: heap overflow in the lua cjson and cmsgpack libraries (CVE-2022-24834)

    * redis: possible bypass of Unix socket permissions on startup (CVE-2023-45145)

    * redis: Lua library commands may lead to stack overflow and RCE in Redis (CVE-2024-31449)

    * redis: Denial-of-service due to unbounded pattern matching in Redis (CVE-2024-31228)

    * redis: Redis' Lua library commands may lead to remote code execution (CVE-2024-46981)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0595 advisory.

    Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can     contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data     set. You can persist it either by dumping the data set to disk every once in a while, or by appending each     command to a log.

    Security Fix(es):

    * redis: Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands may lead to denial-of-service     (CVE-2023-22458)

    * redis: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panic     (CVE-2022-35977)

    * redis: Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer     overflow (CVE-2022-36021)

    * redis: String matching commands (like SCAN or KEYS) with a specially crafted pattern to trigger a     denial-of-service attack (CVE-2023-25155)

    * redis: Insufficient validation of HINCRBYFLOAT command (CVE-2023-28856)

    * redis: heap overflow in the lua cjson and cmsgpack libraries (CVE-2022-24834)

    * redis: possible bypass of Unix socket permissions on startup (CVE-2023-45145)

    * redis: Lua library commands may lead to stack overflow and RCE in Redis (CVE-2024-31449)

    * redis: Denial-of-service due to unbounded pattern matching in Redis (CVE-2024-31228)

    * redis: Redis' Lua library commands may lead to remote code execution (CVE-2024-46981)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Severity
232800	RHEL 8 : grub2 (RHSA-2025:2653)	high
232799	RHEL 8 : .NET 9.0 (RHSA-2025:2667)	high
232798	RHEL 9 : firefox (RHSA-2025:2480)	high
232797	RHEL 9 : libxml2 (RHSA-2025:2482)	high
232796	RHEL 7 : firefox (RHSA-2025:2699)	high
232795	RHEL 8 : libxml2 (RHSA-2025:2686)	high
232794	RHEL 9 : pcs (RHSA-2025:2470)	high
232793	RHEL 9 : pcs (RHSA-2025:2471)	high
232792	RHEL 9 : kernel (RHSA-2025:2488)	medium
232791	RHEL 8 : tigervnc (RHSA-2025:2502)	high
232790	RHEL 9 : .NET 9.0 (RHSA-2025:2668)	high
232789	RHEL 8 / 9 : OpenShift Container Platform 4.12.74 (RHSA-2025:2443)	high
232788	RHEL 9 : tigervnc (RHSA-2025:2500)	high
232787	RHEL 9 : firefox (RHSA-2025:2479)	high
232786	RHEL 9 : kernel-rt (RHSA-2025:2476)	medium
232785	RHEL 6 : kernel (RHSA-2025:2517)	medium
232784	RHEL 8 : firefox (RHSA-2025:2708)	high
232783	RHEL 9 : .NET 8.0 (RHSA-2025:2669)	high
232782	RHEL 8 : firefox (RHSA-2025:2484)	high
232781	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update (Moderate) (RHSA-2025:2518)	medium
232780	RHEL 9 : kernel (RHSA-2025:2475)	medium
232779	RHEL 8 : libxml2 (RHSA-2025:2654)	high
232778	RHEL 7 : kernel-rt (RHSA-2025:2510)	medium
232777	RHEL 8 : libxml2 (RHSA-2025:2507)	high
232776	RHEL 8 : grub2 (RHSA-2025:2784)	high
232775	RHEL 9 : grub2 (RHSA-2025:2799)	high
232774	RHEL 8 : kernel-rt (RHSA-2025:2524)	medium
232773	RHEL 8 : firefox (RHSA-2025:2486)	high
232772	RHEL 8 : krb5 (RHSA-2025:2722)	medium
232771	RHEL 8 : kernel-rt (RHSA-2025:2474)	medium
232770	RHEL 7 : kernel (RHSA-2025:2501)	medium
232769	RHEL 8 : kernel (RHSA-2025:2525)	high
232768	RHEL 8 : kernel (RHSA-2025:2473)	medium
232767	RHEL 8 : firefox (RHSA-2025:2485)	high
232766	RHEL 9 : libxml2 (RHSA-2025:2678)	high
232765	RHEL 7 : libxml2 (RHSA-2025:2673)	high
232750	RHEL 9 : webkit2gtk3 (RHSA-2024:9553)	critical
232749	RHEL 9 : webkit2gtk3 (RHSA-2024:9638)	high
232633	RHEL 8 : webkit2gtk3 (RHSA-2024:9679)	critical
232632	RHEL 8 : webkit2gtk3 (RHSA-2024:9636)	critical
232631	RHEL 8 : webkit2gtk3 (RHSA-2024:9646)	critical
232565	RHEL 8 / 9 : OpenShift Container Platform 4.15.38 (RHSA-2024:8994)	high
232547	RHEL 7 : kernel-aarch64 (RHSA-2017:0372)	high
232539	RHEL 8 : firefox (RHSA-2025:2452)	critical
232538	RHEL 8 / 9 : Satellite 6.16.3 Async Update (Moderate) (RHSA-2025:2399)	medium
232537	RHEL 9 : firefox (RHSA-2025:2359)	critical
232536	RHEL 7 : pki-core (RHSA-2025:2426)	medium
232194	RHEL 9 : grafana-pcp (RHSA-2024:9551)	medium
232193	RHEL 9 : redis (RHSA-2025:0693)	high
232185	RHEL 8 : redis:6 (RHSA-2025:0595)	high

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

high

high

high

high

high

high

high

high

medium

high

high

high

high

high

medium

medium

high

high

high

medium

medium

high

medium

high

high

high

medium

high

medium

medium

medium

high

medium

high

high

high

critical

high

critical

critical

critical

high

high

critical

medium

critical

medium

medium

high

high