AlmaLinux 8

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:3127 Related CVEs: CVE-2020-18770 CVE-2018-17828 CVE-2020-18442 Upstream summary: The zziplib is a lightweight library to easily extract data from zip files. Security Fix(es): * zziplib: invalid memory access at zzip_disk_entry_to_file_header in mmapped.c […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:1719 Related CVEs: CVE-2024-23301 Upstream summary: Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:0967 Related CVEs: CVE-2023-5992 CVE-2023-40660 CVE-2023-40661 CVE-2020-26570 CVE-2020-26571 CVE-2020-26572 CVE-2023-2977 Upstream summary: The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:0889 Related CVEs: CVE-2019-13224 CVE-2019-16163 CVE-2019-19012 CVE-2019-19203 CVE-2019-19204 CVE-2019-13225 Upstream summary: Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix(es): * oniguruma: Use-after-free in onig_new_deluxe() in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:0768 Related CVEs: CVE-2020-28241 Upstream summary: The libmaxminddb package contains the MaxMind DB library. Security Fix(es): * libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c (CVE-2020-28241) For more details about the security issue(s), […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:0769 Related CVEs: CVE-2021-41043 CVE-2020-8037 Upstream summary: The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:0647 Related CVEs: CVE-2021-35937 CVE-2021-35938 CVE-2021-35939 CVE-2021-3521 CVE-2021-20266 Upstream summary: The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2024:0131 Related CVEs: CVE-2022-44638 CVE-2020-35492 Upstream summary: Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fix(es): * pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2023:7836 Related CVEs: CVE-2021-3468 CVE-2023-38469 CVE-2023-38470 CVE-2023-38471 CVE-2023-38472 CVE-2023-38473 CVE-2023-1981 Upstream summary: Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2023:7189 Related CVEs: CVE-2022-3287 Upstream summary: The fwupd packages provide a service that allows session software to update device firmware. Security Fix(es): * fwupd: world readable password in /etc/fwupd/redfish.conf (CVE-2022-3287) For more […]