  1. Red Hat Insights Engineering
  2. RHINENG-13498

After remediating CVE, Hosts still shows as vulnerable.


    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • Frontend: Vulnerability - 2024-10-01, Frontend: Vulnerability - 2024-10-03
    • Vulnerability
    • Moderate
    • True
    • SECDATA-220

      *Note that this is a public ticket, please refrain from adding any sensitive data.*

      Note this only affects customers running an EUS release.

      Description of Problem

      For CVE-2019-25033, two errata have been released for this CVE: one for the major RHEL 8 repository and another for the RHEL 8.6 EUS repository. They have already applied the erratum from the RHEL 8.6 EUS repository, but the host still shows as vulnerable.
      RHSA-2022:7622 and RHSA-2024:0749

      $ cat installed-rpms | grep unbound
      python3-unbound-1.7.3-17.el8_6.5.x86_64                     Sat Jun 15 01:13:43 2024
      unbound-libs-1.7.3-17.el8_6.5.x86_64                        Sat Jun 15 01:13:42 2024

      Until last month, i.e., Sept, the host did not appear vulnerable for this CVE, but it started appearing vulnerable in Oct.

      Similarly, there are other CVEs where the customer is observing this behavior. 

      Actual Behavior

      Already remediated CVE still appearing. 

      Expected Behavior

      If errata is applied to the host, it should not say that the host is still vulnerable to the same CVE.

      Business Impact / Additional info

              psegedy Patrik Segedy
              rhn-support-sabhasin Sahil Bhasin
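
Added example, not part of the ticket or of Insights code: a hand check of which stream's erratum an installed build satisfies, using a simplified rpm-style EVR comparison. The stream names and fixed EVRs in `FIXED_IN` are illustrative assumptions, not values from the advisories; only the installed EVR comes from the `installed-rpms` output above.

```python
import re
from itertools import zip_longest

def rpmvercmp(a, b):
    """Compare version or release strings segment by segment, as rpm does.
    Simplified: the caret (^) operator is not handled."""
    ta = re.findall(r"\d+|[A-Za-z]+|~", a)
    tb = re.findall(r"\d+|[A-Za-z]+|~", b)
    for x, y in zip_longest(ta, tb):
        if x == y:
            continue
        if x == "~":                 # tilde sorts before anything, even end of string
            return -1
        if y == "~":
            return 1
        if x is None:                # a ran out of segments first: a is older
            return -1
        if y is None:
            return 1
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)    # numeric compare ignores leading zeros
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x != y:
            return 1 if x > y else -1
    return 0

def evr_cmp(a, b):
    """Compare two [epoch:]version-release strings; returns -1, 0 or 1."""
    def split(evr):
        epoch, _, rest = evr.rpartition(":")
        version, _, release = rest.partition("-")
        return int(epoch or 0), version, release
    (ea, va, ra), (eb, vb, rb) = split(a), split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

# Illustrative fixed EVRs per stream (assumptions; take the real ones from the advisories).
FIXED_IN = {"rhel-8": "1.16.2-2.el8", "rhel-8.6-eus": "1.7.3-17.el8_6.4"}

def verdict(installed_evr, stream):
    """'fixed' if the installed build is at or above that stream's fixed build."""
    return "fixed" if evr_cmp(installed_evr, FIXED_IN[stream]) >= 0 else "vulnerable"

if __name__ == "__main__":
    installed = "1.7.3-17.el8_6.5"   # unbound-libs EVR from installed-rpms
    for stream in FIXED_IN:
        print(stream, verdict(installed, stream))
```

With these values the same installed build is reported as fixed against the EUS stream and vulnerable against the main stream, so the result depends on which stream the host is evaluated against.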