CentOS Stream

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2025:1309 Related CVEs: CVE-2020-11023 Upstream summary: The gcc-toolset-13-gcc13 package contains the GNU Compiler Collection version 13. Security Fix(es): * jquery: Untrusted code execution via <option> tag in HTML passed to DOM […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2025:7077 Related CVEs: CVE-2024-12133 CVE-2021-46848 Upstream summary: A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2023:0340 Related CVEs: CVE-2022-3715 Upstream summary: The bash packages provide Bash (Bourne-again shell), which is the default shell for AlmaLinux. Security Fix(es): * bash: a heap-buffer-overflow in valid_parameter_transform (CVE-2022-3715) For more […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2022:8011 Related CVEs: CVE-2022-25308 CVE-2022-25309 CVE-2022-25310 Upstream summary: FriBidi is a library to handle bidirectional scripts (for example Hebrew, Arabic), so that the display is done in the proper way, while […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2025:0917 Related CVEs: CVE-2024-41184 Upstream summary: The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2025:20559 Related CVEs: CVE-2024-56433 CVE-2023-4641 Upstream summary: The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2024:2512 Related CVEs: CVE-2022-48554 Upstream summary: The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2022:8226 Related CVEs: CVE-2022-2309 Upstream summary: lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fix(es): * lxml: NULL Pointer Dereference […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2023:2222 Related CVEs: CVE-2022-41717 Upstream summary: Conmon is an OCI container runtime monitor. Security Fix(es): * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) For more […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2023:2179 Related CVEs: CVE-2021-46790 CVE-2022-30784 CVE-2022-30786 CVE-2022-30788 CVE-2022-30789 CVE-2022-40284 Upstream summary: The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access […]