Outdated packages with security issues

Just scanned an up-to-date RHEL7.6 and with Nessus and got the following issues:

Severity: HIGH
RHEL 7 : glusterfs (RHSA-2018:3432)
Severity: MEDIUM

RHEL 7 : Red Hat Ceph Storage 2.5 (RHSA-2018:2261)

RHEL 7 : Storage Server (RHSA-2018:2613)

Remote package installed : glusterfs-3.12.2-18.el7
Should be : glusterfs-3.12.2-25.el7

Remote package installed : glusterfs-client-xlators-3.12.2-18.el7
Should be : glusterfs-client-xlators-3.12.2-25.el7

Remote package installed : glusterfs-fuse-3.12.2-18.el7
Should be : glusterfs-fuse-3.12.2-25.el7

Remote package installed : glusterfs-libs-3.12.2-18.el7
Should be : glusterfs-libs-3.12.2-25.el7

Remote package installed : librados2-10.2.5-4.el7
Should be : librados2-10.2.10-28.el7cp

Remote package installed : libtdb-1.3.15-1.el7
Should be : libtdb-1.3.15-4.el7

So RedHat knows about these issues, recommends the install of newer versions that seem to be available somewhere, but they are missing from the RHEL7 repositories.

Why does RedHat not take care of these issues ? How can we solve this. We need to update a customer system and prove that there are no known Vulnerabilities with severity "HIGH" or "MEDIUM"