CentOS Stream

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2025:0377 Related CVEs: CVE-2024-3661 CVE-2024-6501 Upstream summary: NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2022:8100 Related CVEs: CVE-2022-23645 Upstream summary: SWTPM is a TPM emulator built on libtpms providing TPM functionality for QEMU VMs. Security Fix(es): * swtpm: Unchecked header size indicator against expected size […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2024:9184 Related CVEs: CVE-2024-6655 Upstream summary: The GTK+ library provides a multi-platform toolkit for creating graphical user interfaces. The gtk3 packages contain GTK+ version 3. Security Fix(es): * gtk3: gtk2: Library […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2024:9158 Related CVEs: CVE-2020-27827 CVE-2021-43612 CVE-2023-41910 Upstream summary: LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2024:9281 Related CVEs: CVE-2023-6681 CVE-2024-28102 Upstream summary: The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2024:7457 Related CVEs: CVE-2024-46544 CVE-2023-41081 CVE-2023-6710 Upstream summary: The mod_jk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2022:7959 Related CVEs: CVE-2022-2211 Upstream summary: guestfs-tools is a set of tools that can be used to make batch configuration changes to guests, get disk used/free statistics, perform backups and guest […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2024:2337 Related CVEs: CVE-2023-49083 Upstream summary: The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fix(es): * python-cryptography: NULL-dereference […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2024:2517 Related CVEs: CVE-2023-52160 Upstream summary: The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: CentOS Stream 9 📖 ~4 min read  •  Source: AlmaLinux/RHEL advisory ALSA-2023:7754 Related CVEs: CVE-2022-44638 Upstream summary: Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fix(es): * pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds […]