./mage -v ci:teste2e Running target: CI:TestE2E I0430 12:36:51.539469 18383 magefile.go:526] setting up new custom bundle for testing... I0430 12:36:51.921705 18383 util.go:512] found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1777552611-jpgl -> user: redhat-appstudio-qe+redhat_appstudio_quality Creating Tekton Bundle: - Added Pipeline: docker-build to image I0430 12:36:53.085284 18383 bundle.go:57] image digest for a new tekton bundle quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1777552611-jpgl: quay.io/redhat-appstudio-qe/test-images@sha256:d462cb6ef0c751fb5739d4db907f1337bdca70317c77b386cbeeba962ecf3566 I0430 12:36:53.085304 18383 magefile.go:532] To use the custom docker bundle locally, run below cmd: export CUSTOM_DOCKER_BUILD_PIPELINE_BUNDLE=quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1777552611-jpgl I0430 12:36:53.085323 18383 e2e_repo.go:347] checking if repository is e2e-tests I0430 12:36:53.085329 18383 release_service.go:50] checking if repository is release-service I0430 12:36:54.050059 18383 release_service_catalog.go:104] checking if repository is release-service-catalog I0430 12:36:54.050077 18383 integration_service.go:49] checking if repository is integration-service I0430 12:36:54.050082 18383 image_controller.go:49] checking if repository is image-controller I0430 12:36:54.050087 18383 build_service.go:50] checking if repository is build-service I0430 12:36:54.050092 18383 build_service.go:31] require sprayproxy registering is set to TRUE I0430 12:36:54.050097 18383 build_service.go:34] setting test label filter: 'build-service' exec: go "install" "-mod=mod" "github.com/onsi/ginkgo/v2/ginkgo" go: downloading github.com/go-task/slim-sprig/v3 v3.0.0 go: downloading github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83 I0430 12:36:57.549166 18383 types.go:155] The following rules have matched build-service repo CI Workflow Rule. I0430 12:36:57.549189 18383 types.go:180] Will apply rules exec: ginkgo "--seed=1777552611" "--timeout=1h30m0s" "--grace-period=30s" "--output-interceptor-mode=none" "--label-filter=build-service" "--no-color" "--json-report=e2e-report.json" "--junit-report=e2e-report.xml" "--procs=20" "--nodes=20" "--p" "--output-dir=/workspace/artifact-dir" "./cmd" "--" go: downloading github.com/konflux-ci/build-service v0.0.0-20240611083846-2dee6cfe6fe4 go: downloading github.com/minio/minio-go/v7 v7.0.99 go: downloading github.com/IBM/go-sdk-core/v5 v5.15.3 go: downloading github.com/IBM/vpc-go-sdk v0.48.0 go: downloading github.com/aws/aws-sdk-go-v2 v1.41.3 go: downloading github.com/aws/aws-sdk-go-v2/config v1.31.3 go: downloading github.com/aws/aws-sdk-go-v2/service/ec2 v1.143.0 go: downloading github.com/google/go-github/v45 v45.2.0 go: downloading github.com/dustin/go-humanize v1.0.1 go: downloading github.com/go-ini/ini v1.67.0 go: downloading github.com/minio/md5-simd v1.1.2 go: downloading github.com/tinylib/msgp v1.6.1 go: downloading github.com/klauspost/crc32 v1.3.0 go: downloading github.com/minio/crc64nvme v1.1.1 go: downloading github.com/rs/xid v1.6.0 go: downloading github.com/aws/smithy-go v1.24.2 go: downloading github.com/go-playground/validator/v10 v10.17.0 go: downloading github.com/go-openapi/strfmt v0.25.0 go: downloading github.com/philhofer/fwd v1.2.0 go: downloading github.com/go-openapi/errors v0.22.6 go: downloading go.mongodb.org/mongo-driver v1.17.7 go: downloading github.com/go-viper/mapstructure/v2 v2.4.0 go: downloading github.com/oklog/ulid v1.3.1 go: downloading github.com/aws/aws-sdk-go-v2/credentials v1.18.7 go: downloading github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 go: downloading github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.4 go: downloading github.com/aws/aws-sdk-go-v2/service/sso v1.28.2 go: downloading github.com/aws/aws-sdk-go-v2/service/ssooidc v1.34.0 go: downloading github.com/aws/aws-sdk-go-v2/service/sts v1.38.0 go: downloading github.com/go-playground/universal-translator v0.18.1 go: downloading github.com/leodido/go-urn v1.3.0 go: downloading github.com/gabriel-vasile/mimetype v1.4.3 go: downloading github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.19 go: downloading github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.19 go: downloading github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.6 go: downloading github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.19 go: downloading github.com/go-playground/locales v0.14.1 Running Suite: Red Hat App Studio E2E tests - /tmp/tmp.t6iGoTvjvH/cmd ===================================================================== Random Seed: 1777552611 Will run 150 of 467 specs Running in parallel across 20 processes SSSSSSSSSSSSS ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that a Release CR should have been created in the dev namespace [release-pipelines, push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/push_to_external_registry.go:157 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies the release CR is created [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/multiarch_advisories.go:112 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies the multiarch release pipelinerun is running and succeeds [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/multiarch_advisories.go:122 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/multiarch_advisories.go:152 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies if the repository URL is valid [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/multiarch_advisories.go:163 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies if the release CR is created [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rhtap_service_push.go:150 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies the rhtap release pipelinerun is running and succeeds [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rhtap_service_push.go:160 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rhtap_service_push.go:190 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies if the PR in infra-deployments repo is created/updated [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rhtap_service_push.go:200 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that Release PipelineRun should eventually succeed [release-pipelines, push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/push_to_external_registry.go:164 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification tests if the image was pushed to quay [release-pipelines, push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/push_to_external_registry.go:168 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that a Release is marked as succeeded. [release-pipelines, push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/push_to_external_registry.go:175 ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification tests that Release CR is created for the Snapshot [release-pipelines, rh-push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_external_registry.go:215 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification verifies a release PipelineRun is started and succeeded in managed namespace [release-pipelines, rh-push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_external_registry.go:226 ------------------------------ SSSS ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification validate the result of task create-pyxis-image contains image ids [release-pipelines, rh-push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_external_registry.go:233 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification tests that Release CR has completed [release-pipelines, rh-push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_external_registry.go:248 ------------------------------ SSSSSSSSSSSSSSSS ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification validates that imageIds from task create-pyxis-image exist in Pyxis. [release-pipelines, rh-push-to-external-registry] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_external_registry.go:265 ------------------------------ SSSSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:507 ------------------------------ S ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params when context points to a file [build-templates] /tmp/tmp.t6iGoTvjvH/tests/build/tkn-bundle.go:188 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:123 ------------------------------ SS ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles from specific context [build-templates] /tmp/tmp.t6iGoTvjvH/tests/build/tkn-bundle.go:199 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:128 ------------------------------ SSSSS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:132 ------------------------------ S ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params when context is the root directory [build-templates] /tmp/tmp.t6iGoTvjvH/tests/build/tkn-bundle.go:209 ------------------------------ SSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:569 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies if release CR is created [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/release_to_github.go:138 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:136 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, aws-host-pool] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:120 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:178 ------------------------------ SSSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, aws-host-pool] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:124 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies the release pipelinerun is running and succeeds [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/release_to_github.go:148 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:183 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:744 ------------------------------ SSSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, aws-host-pool] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:127 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/release_to_github.go:181 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:187 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies if the Release exists in github repo [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/release_to_github.go:192 ------------------------------ SSSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, aws-host-pool] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:148 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created test that cleanup happened successfully [multi-platform, aws-host-pool] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:152 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:191 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:233 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:238 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies if the release CR is created [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_registry_redhat_io.go:108 ------------------------------ SSS ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles when context points to a file and a directory [build-templates] /tmp/tmp.t6iGoTvjvH/tests/build/tkn-bundle.go:218 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, aws-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:251 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, aws-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:255 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:242 ------------------------------ SSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies the rhio release pipelinerun is running and succeeds [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_registry_redhat_io.go:118 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:246 ------------------------------ S ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles when using negation [build-templates] /tmp/tmp.t6iGoTvjvH/tests/build/tkn-bundle.go:228 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, aws-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:259 ------------------------------ SS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:507 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_registry_redhat_io.go:148 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:286 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:291 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, aws-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:263 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params allows overriding HOME environment variable [build-templates] /tmp/tmp.t6iGoTvjvH/tests/build/tkn-bundle.go:238 ------------------------------ SS ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:295 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, aws-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:267 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/fbc_release.go:299 ------------------------------ S ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params allows overriding STEP image [build-templates] /tmp/tmp.t6iGoTvjvH/tests/build/tkn-bundle.go:247 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:569 ------------------------------ S ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies if the MR URL is valid [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_push_to_registry_redhat_io.go:159 ------------------------------ SS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, ibmz-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:341 ------------------------------ SSSSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:744 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, ibmz-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:345 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, ibmz-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:349 ------------------------------ SSSSSSSSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies if release CR is created [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_advisories.go:117 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies the advs release pipelinerun is running and succeeds [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_advisories.go:127 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, ibmz-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:353 ------------------------------ SSSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_advisories.go:157 ------------------------------ S ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, ibmz-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:357 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies if the repository URL is valid [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.t6iGoTvjvH/tests/release/pipelines/rh_advisories.go:168 ------------------------------ SSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, ibmp-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:432 ------------------------------ SSSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, ibmp-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:436 ------------------------------ SSSSSSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, ibmp-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:440 ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:507 ------------------------------ SSSS ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, ibmp-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:444 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:569 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, ibmp-dynamic] /tmp/tmp.t6iGoTvjvH/tests/build/multi-platform.go:448 ------------------------------ SSSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.t6iGoTvjvH/tests/build/build_templates.go:744 ------------------------------ SS ------------------------------ • [FAILED] [5.822 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build [BeforeAll] when a new component without specified branch is created and with visibility private correctly targets the default branch (that is not named 'main') with PaC [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] [BeforeAll] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:54 [It] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:136 [FAILED] Unexpected error: <*errors.errorString | 0xc000520200>: failed to create test namespace build-e2e-ymbk: error when creating build-e2e-ymbk namespace: Internal error occurred: failed calling webhook "validate.kyverno.svc-fail": failed to call webhook: Post "https://kyverno-svc.kyverno.svc:443/validate/fail?timeout=10s": dial tcp 10.96.216.29:443: connect: connection refused { s: "failed to create test namespace build-e2e-ymbk: error when creating build-e2e-ymbk namespace: Internal error occurred: failed calling webhook \"validate.kyverno.svc-fail\": failed to call webhook: Post \"https://kyverno-svc.kyverno.svc:443/validate/fail?timeout=10s\": dial tcp 10.96.216.29:443: connect: connection refused", } occurred In [BeforeAll] at: /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:60 @ 04/30/26 12:39:20.103 ------------------------------ • [FAILED] [5.823 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate [BeforeAll] when components are created in same namespace creates component with nudges [build-service, renovate, multi-component, gitlab] [BeforeAll] /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:72 [It] /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:235 Timeline >> [FAILED] in [BeforeAll] - /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:74 @ 04/30/26 12:39:20.103 [PANICKED] in [AfterAll] - /opt/app-root/src/go/pkg/mod/github.com/onsi/gomega@v1.39.1/internal/async_assertion.go:333 @ 04/30/26 12:39:20.103 << Timeline [FAILED] Unexpected error: <*errors.errorString | 0xc000c82730>: failed to create test namespace build-e2e-njqo: error when creating build-e2e-njqo namespace: Internal error occurred: failed calling webhook "validate.kyverno.svc-fail": failed to call webhook: Post "https://kyverno-svc.kyverno.svc:443/validate/fail?timeout=10s": dial tcp 10.96.216.29:443: connect: connection refused { s: "failed to create test namespace build-e2e-njqo: error when creating build-e2e-njqo namespace: Internal error occurred: failed calling webhook \"validate.kyverno.svc-fail\": failed to call webhook: Post \"https://kyverno-svc.kyverno.svc:443/validate/fail?timeout=10s\": dial tcp 10.96.216.29:443: connect: connection refused", } occurred In [BeforeAll] at: /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:74 @ 04/30/26 12:39:20.103 There were additional failures detected. To view them in detail run ginkgo -vv ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:600 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:642 ------------------------------ SS••••••••••••••••••••••••••••••••••••• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created when second component is deleted, pac pr branch should not exist in the repo [build-service, github, pac-build, secret-lookup] /tmp/tmp.t6iGoTvjvH/tests/build/secret_lookup.go:206 ------------------------------ ••••••••••••••••••••••••••••••••••••••••• ------------------------------ • [FAILED] [783.709 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace [It] PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, forgejo] /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:401 Timeline >> PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk found for Component build-e2e-qpkp/fj-multi-component-parent-xdth PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Running PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: PipelineRunStopping PipelineRun fj-multi-component-parent-xdth-on-push-l9hhk reason: Failed attempt 1/3: PipelineRun "fj-multi-component-parent-xdth-on-push-l9hhk" failed: pod: fj-multi-component-parent-xdth-on-pull-request-76d6k-init-pod | init container: prepare 2026/04/30 12:41:38 Entrypoint initialization pod: fj-multi-component-parent-xdth-on-pull-request-76d6k-init-pod | container step-init: time="2026-04-30T12:41:41Z" level=info msg="[param] enable: false" time="2026-04-30T12:41:41Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-30T12:41:41Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-30T12:41:41Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-30T12:41:41Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-30T12:41:41Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-30T12:41:41Z" level=info msg="Cache proxy is disabled via param" time="2026-04-30T12:41:41Z" level=info msg="[result] HTTP PROXY: " time="2026-04-30T12:41:41Z" level=info msg="[result] NO PROXY: " pod: fj-multi-component-parent-xdth-on-push-l9hhk-clamav-scan-pod | init container: prepare 2026/04/30 12:53:50 Entrypoint initialization pod: fj-multi-component-parent-xdth-on-push-l9hhk-clamav-scan-pod | init container: place-scripts 2026/04/30 12:54:09 Decoded script /tekton/scripts/script-0-pvnxk 2026/04/30 12:54:09 Decoded script /tekton/scripts/script-1-m96kr pod: fj-multi-component-parent-xdth-on-push-l9hhk-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Detecting artifact type for quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth@sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1. Detected container image. Processing image manifests. Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 26.570 sec (0 m 26 s) Start Date: 2026:04:30 12:55:26 End Date: 2026:04:30 12:55:52 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27986/Wed Apr 29 06:25:43 2026 Database version: 27986 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1777553753","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1777553753","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1777553753","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth:a9d869e61ae0a5b82725b05268e31f3eaf04f363", "digests": ["sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1"]}} pod: fj-multi-component-parent-xdth-on-push-l9hhk-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth Attaching to quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth:a9d869e61ae0a5b82725b05268e31f3eaf04f363 [retry] executing: oras attach --no-tty --registry-config /home/taskuser/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth:a9d869e61ae0a5b82725b05268e31f3eaf04f363@sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 3d5b864af821 clamscan-ec-test-amd64.json Uploading 856c04d3111f clamscan-result-amd64.log Uploaded 3d5b864af821 clamscan-ec-test-amd64.json Uploaded 856c04d3111f clamscan-result-amd64.log Uploading 3a13af7e9f02 application/vnd.oci.image.manifest.v1+json Uploaded 3a13af7e9f02 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth:a9d869e61ae0a5b82725b05268e31f3eaf04f363@sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1 Digest: sha256:3a13af7e9f02c90839d9b7309f6ed752cebbeaebba15801e5a0c04a81f63989b pod: fj-multi-component-parent-xdth-on-push-l9hhk-init-pod | init container: prepare 2026/04/30 12:49:05 Entrypoint initialization pod: fj-multi-component-parent-xdth-on-push-l9hhk-init-pod | container step-init: time="2026-04-30T12:49:08Z" level=info msg="[param] enable: false" time="2026-04-30T12:49:08Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-30T12:49:08Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-30T12:49:08Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-30T12:49:08Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-30T12:49:08Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-30T12:49:08Z" level=info msg="Cache proxy is disabled via param" time="2026-04-30T12:49:08Z" level=info msg="[result] HTTP PROXY: " time="2026-04-30T12:49:08Z" level=info msg="[result] NO PROXY: " pod: fj-multi-component-parent-xdth-on-push-l9hhk-tpa-scan-pod | init container: prepare 2026/04/30 12:53:50 Entrypoint initialization pod: fj-multi-component-parent-xdth-on-push-l9hhk-tpa-scan-pod | init container: place-scripts 2026/04/30 12:54:09 Decoded script /tekton/scripts/script-0-ppv6p 2026/04/30 12:54:09 Decoded script /tekton/scripts/script-1-wks5k 2026/04/30 12:54:09 Decoded script /tekton/scripts/script-2-rbn5t pod: fj-multi-component-parent-xdth-on-push-l9hhk-tpa-scan-pod | container step-get-vulnerabilities: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth@sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1. Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation '. Found SBOM of media type: text/spdx+json Running TPA scan on amd64 image manifest... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed { "scanned" : { "total" : 122, "direct" : 18, "transitive" : 104 }, "providers" : { "rhtpa" : { "status" : { "ok" : true, "name" : "rhtpa", "code" : 200, "message" : "OK", "warnings" : { } }, "sources" : { "redhat-csaf" : { "summary" : { "direct" : 25, "transitive" : 68, "total" : 93, "dependencies" : 27, "critical" : 4, "high" : 27, "medium" : 55, "low" : 7, "remediations" : 0, "recommendations" : 0, "unscanned" : 0 }, "dependencies" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 241k 0 0 100 241k 0 227k 0:00:01 0:00:01 --:--:-- 227k 100 462k 0 220k 100 241k 172k 188k 0:00:01 0:00:01 --:--:-- 360k "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64&distro=rhel-9.6&upstream=libcap-2.48-9.el9_2.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.6&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64&distro=rhel-9.6&upstream=microdnf-3.9.1-3.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "issues" : [ { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false }, { "id" : "CVE-2025-49794", "title" : "Libxml: heap use after free (uaf) leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49794" ], "unique" : false }, { "id" : "CVE-2025-49796", "title" : "Libxml: type confusion leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49796" ], "unique" : false }, { "id" : "CVE-2024-56171", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2024-56171" ], "unique" : false }, { "id" : "CVE-2025-24928", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-24928" ], "unique" : false }, { "id" : "CVE-2025-7425", "title" : "Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-7425" ], "unique" : false }, { "id" : "CVE-2025-32415", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-32415" ], "unique" : false }, { "id" : "CVE-2025-49795", "title" : "Libxml: null pointer dereference leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-49795" ], "unique" : false }, { "id" : "CVE-2025-6021", "title" : "Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6021" ], "unique" : false }, { "id" : "CVE-2025-7424", "title" : "Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-7424" ], "unique" : false }, { "id" : "CVE-2025-9714", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9714" ], "unique" : false }, { "id" : "CVE-2026-1757", "title" : "Libxml2: memory leak leading to local denial of service in xmllint interactive shell", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2026-1757" ], "unique" : false }, { "id" : "CVE-2026-0990", "title" : "Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0990" ], "unique" : false }, { "id" : "CVE-2025-32414", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32414" ], "unique" : false }, { "id" : "CVE-2025-26434", "title" : "In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-26434" ], "unique" : false }, { "id" : "CVE-2026-0989", "title" : "Libxml2: unbounded relaxng include recursion leading to stack overflow", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-0989" ], "unique" : false }, { "id" : "CVE-2026-0992", "title" : "Libxml2: libxml2: denial of service via crafted xml catalogs", "source" : "redhat-csaf", "cvssScore" : 2.9, "severity" : "LOW", "cves" : [ "CVE-2026-0992" ], "unique" : false }, { "id" : "CVE-2025-6170", "title" : "Libxml2: stack buffer overflow in xmllint interactive shell command handling", "source" : "redhat-csaf", "cvssScore" : 2.5, "severity" : "LOW", "cves" : [ "CVE-2025-6170" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-24882", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false }, { "id" : "CVE-2025-68973", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-68973" ], "unique" : false }, { "id" : "CVE-2025-68972", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68972" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-24882", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "issues" : [ { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false }, { "id" : "CVE-2026-4111", "title" : "Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4111" ], "unique" : false }, { "id" : "CVE-2026-4424", "title" : "Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4424" ], "unique" : false }, { "id" : "CVE-2026-5121", "title" : "Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-5121" ], "unique" : false }, { "id" : "CVE-2025-60753", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-60753" ], "unique" : false }, { "id" : "CVE-2024-57970", "title" : "libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-57970" ], "unique" : false }, { "id" : "CVE-2025-25724", "title" : "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-25724" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false }, { "id" : "CVE-2024-52533", "title" : "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2024-52533" ], "unique" : false }, { "id" : "CVE-2025-14512", "title" : "Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14512" ], "unique" : false }, { "id" : "CVE-2025-14087", "title" : "Glib: glib: buffer underflow in gvariant parser leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14087" ], "unique" : false }, { "id" : "CVE-2025-4373", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4373" ], "unique" : false }, { "id" : "CVE-2025-7039", "title" : "Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2025-7039" ], "unique" : false }, { "id" : "CVE-2026-0988", "title" : "Glib: glib: denial of service via integer overflow in g_buffered_input_stream_peek()", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-0988" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.6&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libnghttp2@1.43.0-6.el9?arch=x86_64&distro=rhel-9.6&upstream=nghttp2-1.43.0-6.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64&distro=rhel-9.6&upstream=libgcrypt-1.10.0-11.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64&distro=rhel-9.6&upstream=libcap-2.48-9.el9_2.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false }, { "id" : "CVE-2025-32990", "title" : "Gnutls: vulnerability in gnutls certtool template parsing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32990" ], "unique" : false }, { "id" : "CVE-2025-6395", "title" : "Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6395" ], "unique" : false }, { "id" : "CVE-2025-14831", "title" : "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14831" ], "unique" : false }, { "id" : "CVE-2025-32989", "title" : "Gnutls: vulnerability in gnutls sct extension parsing", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32989" ], "unique" : false }, { "id" : "CVE-2025-9820", "title" : "Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9820" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false }, { "id" : "CVE-2026-27456", "title" : "util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-27456" ], "unique" : false }, { "id" : "CVE-2026-3184", "title" : "Util-linux: util-linux: access control bypass due to improper hostname canonicalization", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-3184" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libsmartcols@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libmount@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.6&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.21.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=krb5-1.21.1-8.el9_6.src.rpm", "issues" : [ { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "issues" : [ { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "issues" : [ { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/shadow-utils@4.9-12.el9?arch=x86_64&distro=rhel-9.6&epoch=2&upstream=shadow-utils-4.9-12.el9.src.rpm", "issues" : [ { "id" : "CVE-2024-56433", "title" : "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "source" : "redhat-csaf", "cvssScore" : 3.6, "severity" : "LOW", "cves" : [ "CVE-2024-56433" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-56433", "title" : "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "source" : "redhat-csaf", "cvssScore" : 3.6, "severity" : "LOW", "cves" : [ "CVE-2024-56433" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=systemd-252-51.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-4598", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4598" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64&distro=rhel-9.6&upstream=libgcrypt-1.10.0-11.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.6&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64&distro=rhel-9.6&upstream=libcap-2.48-9.el9_2.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.6&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64&distro=rhel-9.6&upstream=cyrus-sasl-2.1.27-21.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64&distro=rhel-9.6&upstream=libcap-2.48-9.el9_2.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.21.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=krb5-1.21.1-8.el9_6.src.rpm", "issues" : [ { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.6&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64&distro=rhel-9.6&upstream=libusbx-1.0.26-1.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64&distro=rhel-9.6&upstream=libgcrypt-1.10.0-11.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.6&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64&distro=rhel-9.6&upstream=libcap-2.48-9.el9_2.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.6&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=systemd-252-51.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-4598", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4598" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-4598", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4598" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64&distro=rhel-9.6&upstream=libksba-1.5.1-7.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64&distro=rhel-9.6&upstream=zstd-1.5.5-1.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch&distro=rhel-9.6&upstream=rootfiles-8.1-34.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64&distro=rhel-9.6&upstream=bzip2-1.0.8-10.el9_5.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false }, { "id" : "CVE-2026-27456", "title" : "util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-27456" ], "unique" : false }, { "id" : "CVE-2026-3184", "title" : "Util-linux: util-linux: access control bypass due to improper hostname canonicalization", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-3184" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64&distro=rhel-9.6&upstream=libcap-2.48-9.el9_2.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.6&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false }, { "id" : "CVE-2025-32990", "title" : "Gnutls: vulnerability in gnutls certtool template parsing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32990" ], "unique" : false }, { "id" : "CVE-2025-6395", "title" : "Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6395" ], "unique" : false }, { "id" : "CVE-2025-14831", "title" : "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14831" ], "unique" : false }, { "id" : "CVE-2025-32989", "title" : "Gnutls: vulnerability in gnutls sct extension parsing", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32989" ], "unique" : false }, { "id" : "CVE-2025-9820", "title" : "Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9820" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.6&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libsemanage-3.6-5.el9_6.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } } ] } } } }, "licenses" : [ { "status" : { "ok" : true, "name" : "deps.dev", "code" : 200, "message" : "OK", "warnings" : { } }, "summary" : { "total" : 0, "concluded" : 110, "permissive" : 0, "weakCopyleft" : 0, "strongCopyleft" : 0, "unknown" : 0, "deprecated" : 0, "osiApproved" : 0, "fsfLibre" : 0 }, "packages" : { "pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64&distro=rhel-9.6&upstream=libksba-1.5.1-7.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64&distro=rhel-9.6&upstream=libcap-2.48-9.el9_2.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libffi@3.4.2-8.el9?arch=x86_64&distro=rhel-9.6&upstream=libffi-3.4.2-8.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/dejavu-sans-fonts@2.37-18.el9?arch=noarch&distro=rhel-9.6&upstream=dejavu-fonts-2.37-18.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/langpacks-core-en@3.0-16.el9?arch=noarch&distro=rhel-9.6&upstream=langpacks-3.0-16.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsepol@3.6-2.el9?arch=x86_64&distro=rhel-9.6&upstream=libsepol-3.6-2.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/rpm-libs@4.16.1.3-37.el9?arch=x86_64&distro=rhel-9.6&upstream=rpm-4.16.1.3-37.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/lz4-libs@1.9.3-5.el9?arch=x86_64&distro=rhel-9.6&upstream=lz4-1.9.3-5.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libtool-ltdl@2.4.6-46.el9?arch=x86_64&distro=rhel-9.6&upstream=libtool-2.4.6-46.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gobject-introspection@1.68.0-11.el9?arch=x86_64&distro=rhel-9.6&upstream=gobject-introspection-1.68.0-11.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.6&upstream=xz-5.2.5-8.el9_0.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64&distro=rhel-9.6&upstream=zstd-1.5.5-1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libdnf@0.69.0-13.el9?arch=x86_64&distro=rhel-9.6&upstream=libdnf-0.69.0-13.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64&distro=rhel-9.6&upstream=libusbx-1.0.26-1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gdbm-libs@1.23-1.el9?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=gdbm-1.23-1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/zlib@1.2.11-40.el9?arch=x86_64&distro=rhel-9.6&upstream=zlib-1.2.11-40.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libverto@0.3.2-3.el9?arch=x86_64&distro=rhel-9.6&upstream=libverto-0.3.2-3.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/redhat-release@9.6-0.1.el9?arch=x86_64&distro=rhel-9.6&upstream=redhat-release-9.6-0.1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpg-pubkey@fd431d51-4ae0493b?distro=rhel-9.2" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpg-pubkey@5a6340b3-6229229e?distro=rhel-9.6" : { "evidence" : [ ] }, "pkg:rpm/redhat/popt@1.18-8.el9?arch=x86_64&distro=rhel-9.2&upstream=popt-1.18-8.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libnghttp2@1.43.0-6.el9?arch=x86_64&distro=rhel-9.6&upstream=nghttp2-1.43.0-6.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/nettle@3.10.1-1.el9?arch=x86_64&distro=rhel-9.6&upstream=nettle-3.10.1-1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libyaml@0.2.5-7.el9?arch=x86_64&distro=rhel-9.6&upstream=libyaml-0.2.5-7.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libuuid@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/ca-certificates@2024.2.69_v8.0.303-91.4.el9_4?arch=noarch&distro=rhel-9.6&upstream=ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/filesystem@3.16-5.el9?arch=x86_64&distro=rhel-9.6&upstream=filesystem-3.16-5.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64&distro=rhel-9.6&upstream=cyrus-sasl-2.1.27-21.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/audit-libs@3.1.5-4.el9?arch=x86_64&distro=rhel-9.6&upstream=audit-3.1.5-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/sed@4.8-9.el9?arch=x86_64&distro=rhel-9.6&upstream=sed-4.8-9.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gmp@6.2.0-13.el9?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=gmp-6.2.0-13.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=x86_64&distro=rhel-9.6&upstream=openssl-fips-provider-3.0.7-6.el9_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgcc@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libmount@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/dnf-data@4.14.0-25.el9?arch=noarch&distro=rhel-9.6&upstream=dnf-4.14.0-25.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gawk@5.1.0-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gawk-5.1.0-6.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/krb5-libs@1.21.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=krb5-1.21.1-8.el9_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libreport-filesystem@2.15.2-6.el9?arch=noarch&distro=rhel-9.6&upstream=libreport-2.15.2-6.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/setup@2.13.7-10.el9?arch=noarch&distro=rhel-9.6&upstream=setup-2.13.7-10.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/json-c@0.14-11.el9?arch=x86_64&distro=rhel-9.6&upstream=json-c-0.14-11.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/langpacks-core-font-en@3.0-16.el9?arch=noarch&distro=rhel-9.6&upstream=langpacks-3.0-16.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libselinux@3.6-3.el9?arch=x86_64&distro=rhel-9.6&upstream=libselinux-3.6-3.el9.src.rpm" : { "evidence" : [ ] }, "pkg:oci/fj-multi-component-parent-xdth@sha256%3Aa8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1" : { "evidence" : [ ] }, "pkg:rpm/redhat/grep@3.6-5.el9?arch=x86_64&distro=rhel-9.6&upstream=grep-3.6-5.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/mpfr@4.1.0-7.el9?arch=x86_64&distro=rhel-9.6&upstream=mpfr-4.1.0-7.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/alternatives@1.24-2.el9?arch=x86_64&distro=rhel-9.6&upstream=chkconfig-1.24-2.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9_6.2.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/librepo@1.14.5-2.el9?arch=x86_64&distro=rhel-9.6&upstream=librepo-1.14.5-2.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libevent@2.1.12-8.el9_4?arch=x86_64&distro=rhel-9.6&upstream=libevent-2.1.12-8.el9_4.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64&distro=rhel-9.6&upstream=microdnf-3.9.1-3.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/langpacks-en@3.0-16.el9?arch=noarch&distro=rhel-9.6&upstream=langpacks-3.0-16.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/keyutils-libs@1.6.3-1.el9?arch=x86_64&distro=rhel-9.6&upstream=keyutils-1.6.3-1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsmartcols@2.37.4-21.el9?arch=x86_64&distro=rhel-9.6&upstream=util-linux-2.37.4-21.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/librhsm@0.0.3-9.el9?arch=x86_64&distro=rhel-9.6&upstream=librhsm-0.0.3-9.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libattr@2.5.1-3.el9?arch=x86_64&distro=rhel-9.2&upstream=attr-2.5.1-3.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsigsegv@2.13-4.el9?arch=x86_64&distro=rhel-9.6&upstream=libsigsegv-2.13-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcom_err@1.46.5-7.el9?arch=x86_64&distro=rhel-9.6&upstream=e2fsprogs-1.46.5-7.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/file-libs@5.39-16.el9?arch=x86_64&distro=rhel-9.6&upstream=file-5.39-16.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libassuan@2.5.5-3.el9?arch=x86_64&distro=rhel-9.6&upstream=libassuan-2.5.5-3.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm" : { "evidence" : [ ] }, "pkg:oci/ubi-minimal@sha256%3A34880b64c07f28f64d95737f82f891516de9a3b43583f39970f7bf8e4cfa48b7?repository_url=registry.access.redhat.com%2Fubi9%2Fubi-minimal" : { "evidence" : [ ] }, "pkg:rpm/redhat/libpeas@1.30.0-4.el9?arch=x86_64&distro=rhel-9.6&upstream=libpeas-1.30.0-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsolv@0.7.24-3.el9?arch=x86_64&distro=rhel-9.6&upstream=libsolv-0.7.24-3.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64&distro=rhel-9.6&upstream=glibc-2.34-168.el9_6.23.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/lua-libs@5.4.4-4.el9?arch=x86_64&distro=rhel-9.6&upstream=lua-5.4.4-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/crypto-policies@20250128-1.git5269e22.el9?arch=noarch&distro=rhel-9.6&upstream=crypto-policies-20250128-1.git5269e22.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpgme@1.15.1-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gpgme-1.15.1-6.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64&distro=rhel-9.6&upstream=coreutils-8.32-39.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libmodulemd@2.13.0-2.el9?arch=x86_64&distro=rhel-9.2&upstream=libmodulemd-2.13.0-2.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgpg-error@1.42-5.el9?arch=x86_64&distro=rhel-9.6&upstream=libgpg-error-1.42-5.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/fonts-filesystem@2.0.5-7.el9.1?arch=noarch&distro=rhel-9.6&epoch=1&upstream=fonts-rpm-macros-2.0.5-7.el9.1.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/npth@1.6-8.el9?arch=x86_64&distro=rhel-9.6&upstream=npth-1.6-8.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libidn2@2.3.0-7.el9?arch=x86_64&distro=rhel-9.2&upstream=libidn2-2.3.0-7.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/openldap@2.6.8-4.el9?arch=x86_64&distro=rhel-9.6&upstream=openldap-2.6.8-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libacl@2.3.1-4.el9?arch=x86_64&distro=rhel-9.6&upstream=acl-2.3.1-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/p11-kit-trust@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.6&upstream=p11-kit-0.25.3-3.el9_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre@8.44-4.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre-8.44-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/readline@8.1-4.el9?arch=x86_64&distro=rhel-9.6&upstream=readline-8.1-4.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=systemd-252-51.el9_6.2.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch&distro=rhel-9.6&upstream=rootfiles-8.1-34.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64&distro=rhel-9.6&upstream=bzip2-1.0.8-10.el9_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcap-ng@0.8.2-7.el9?arch=x86_64&distro=rhel-9.6&upstream=libcap-ng-0.8.2-7.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/basesystem@11-13.el9?arch=noarch&distro=rhel-9.6&upstream=basesystem-11-13.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/json-glib@1.6.6-1.el9?arch=x86_64&distro=rhel-9.2&upstream=json-glib-1.6.6-1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libunistring@0.9.10-15.el9?arch=x86_64&distro=rhel-9.6&upstream=libunistring-0.9.10-15.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64&distro=rhel-9.6&upstream=libgcrypt-1.10.0-11.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/rpm@4.16.1.3-37.el9?arch=x86_64&distro=rhel-9.6&upstream=rpm-4.16.1.3-37.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libsemanage-3.6-5.el9_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/bash@5.1.8-9.el9?arch=x86_64&distro=rhel-9.6&upstream=bash-5.1.8-9.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/tzdata@2025b-1.el9?arch=noarch&distro=rhel-9.6&upstream=tzdata-2025b-1.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.6&upstream=libtasn1-4.16.0-9.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=x86_64&distro=rhel-9.6&upstream=openssl-fips-provider-3.0.7-6.el9_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/shadow-utils@4.9-12.el9?arch=x86_64&distro=rhel-9.6&epoch=2&upstream=shadow-utils-4.9-12.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libxcrypt@4.4.18-3.el9?arch=x86_64&distro=rhel-9.6&upstream=libxcrypt-4.4.18-3.el9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm" : { "evidence" : [ ] } } } ] } pod: fj-multi-component-parent-xdth-on-push-l9hhk-tpa-scan-pod | container step-oci-attach-report: Using token for quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth Attaching tpa-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth@sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1 [retry] executing: oras attach --no-tty --format go-template=\{\{.digest\}\} --registry-config /tmp/auth/config.json --artifact-type application/vnd.redhat.tpa-report+json quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth@sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1 tpa-report-amd64.json:application/vnd.redhat.tpa-report+json pod: fj-multi-component-parent-xdth-on-push-l9hhk-tpa-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/tpa-report-amd64.json", "namespace": "required_checks", "successes": 4, "warnings": [ { "msg": "Found 4 critical vulnerabilities.", "metadata": { "details": { "description": "Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [direct] (CVE-2025-15467), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libxml2-2.9.13-12.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2024-40896, CVE-2025-49794, CVE-2025-49796), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-15467)", "name": "rhtpa_critical_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 4 } }, { "msg": "Found 24 high vulnerabilities.", "metadata": { "details": { "description": "Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [direct] (CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm [direct] (CVE-2025-31115), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libxml2-2.9.13-12.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2024-56171, CVE-2025-24928, CVE-2025-7425, CVE-2025-32415, CVE-2025-49795, CVE-2025-6021, CVE-2025-7424), pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnupg2-2.3.3-4.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-24882, CVE-2025-68973), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libarchive-3.5.3-6.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-5914, CVE-2026-4111, CVE-2026-4424, CVE-2026-5121), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glib2-2.68.4-16.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-13601, CVE-2024-52533), pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=sqlite-3.34.1-8.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-6965, CVE-2025-3277), pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-31115), pkg:rpm/redhat/libnghttp2@1.43.0-6.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=nghttp2-1.43.0-6.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-27135), pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libgcrypt-1.10.0-11.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-41989), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libgcrypt-1.10.0-11.el9.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2026-41989), pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-31115), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libgcrypt-1.10.0-11.el9.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2026-41989), pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-31115), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2026-0861), pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9_6.2?arch=noarch\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=ncurses-6.2-10.20210508.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2025-69720)", "name": "rhtpa_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 24 } }, { "msg": "Found 45 medium vulnerabilities.", "metadata": { "details": { "description": "Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [direct] (CVE-2025-69421, CVE-2025-11187, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2025-9230, CVE-2025-15469, CVE-2026-22795, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm [direct] (CVE-2025-4598), pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [direct] (CVE-2025-14104, CVE-2026-27456), pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm [direct] (CVE-2025-32988, CVE-2025-32990, CVE-2025-6395, CVE-2025-14831, CVE-2025-32989, CVE-2025-9820), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2026-4878), pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libtasn1-4.16.0-9.el9.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2025-13151), pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=p11-kit-0.25.3-3.el9_5.src.rpm [transitive via pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm] (CVE-2026-2100), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-69421, CVE-2025-11187, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2025-9230, CVE-2025-15469, CVE-2026-22795, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libxml2-2.9.13-12.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-9714, CVE-2026-1757, CVE-2026-0990, CVE-2025-32414, CVE-2025-26434), pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnupg2-2.3.3-4.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-68972), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libarchive-3.5.3-6.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-60753, CVE-2024-57970, CVE-2025-25724), pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glib2-2.68.4-16.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-14512, CVE-2025-14087, CVE-2025-4373), pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-4878), pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-32988, CVE-2025-32990, CVE-2025-6395, CVE-2025-14831, CVE-2025-32989, CVE-2025-9820), pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-14104, CVE-2026-27456), pkg:rpm/redhat/libsmartcols@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/libmount@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/libuuid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libtasn1-4.16.0-9.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-13151), pkg:rpm/redhat/krb5-libs@1.21.1-8.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=krb5-1.21.1-8.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-3576), pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=p11-kit-0.25.3-3.el9_5.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-2100), pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=curl-7.76.1-31.el9_6.1.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-9086), pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=curl-7.76.1-31.el9_6.1.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-9086), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-69421, CVE-2025-11187, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2025-9230, CVE-2025-15469, CVE-2026-22795, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2026-4878), pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libtasn1-4.16.0-9.el9.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2025-13151), pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=p11-kit-0.25.3-3.el9_5.src.rpm [transitive via pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm] (CVE-2026-2100), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-69421, CVE-2025-11187, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2025-9230, CVE-2025-15469, CVE-2026-22795, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2026-4878), pkg:rpm/redhat/krb5-libs@1.21.1-8.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=krb5-1.21.1-8.el9_6.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-3576), pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libtasn1-4.16.0-9.el9.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2025-13151), pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=p11-kit-0.25.3-3.el9_5.src.rpm [transitive via pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=cyrus-sasl-2.1.27-21.el9.src.rpm] (CVE-2026-2100), pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=1\u0026upstream=openssl-3.2.2-6.el9_5.1.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-69421, CVE-2025-11187, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2025-9230, CVE-2025-15469, CVE-2026-22795, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2026-4878), pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libtasn1-4.16.0-9.el9.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-13151), pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=p11-kit-0.25.3-3.el9_5.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2026-2100), pkg:rpm/redhat/systemd-libs@252-51.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=systemd-252-51.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libusbx-1.0.26-1.el9.src.rpm] (CVE-2025-4598), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libksba@1.5.1-7.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libksba-1.5.1-7.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=zstd-1.5.5-1.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-34.el9?arch=noarch\u0026distro=rhel-9.6\u0026upstream=rootfiles-8.1-34.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=bzip2-1.0.8-10.el9_5.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/libcap@2.48-9.el9_2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libcap-2.48-9.el9_2.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2026-4878), pkg:rpm/redhat/libuuid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [transitive via pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=xz-5.2.5-8.el9_0.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libtasn1-4.16.0-9.el9.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2025-13151), pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=p11-kit-0.25.3-3.el9_5.src.rpm [transitive via pkg:rpm/redhat/gnutls@3.8.3-6.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=gnutls-3.8.3-6.el9_6.2.src.rpm] (CVE-2026-2100), pkg:rpm/redhat/glibc-common@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058), pkg:rpm/redhat/glibc@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2026-4437, CVE-2025-15281, CVE-2026-3904, CVE-2026-5435, CVE-2025-5702, CVE-2026-0915, CVE-2025-8058, CVE-2026-4438), pkg:rpm/redhat/glibc-minimal-langpack@2.34-168.el9_6.23?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glibc-2.34-168.el9_6.23.src.rpm [transitive via pkg:rpm/redhat/libsemanage@3.6-5.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libsemanage-3.6-5.el9_6.src.rpm] (CVE-2025-5702, CVE-2026-0915, CVE-2025-8058)", "name": "rhtpa_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 45 } }, { "msg": "Found 7 low vulnerabilities.", "metadata": { "details": { "description": "Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [direct] (CVE-2026-3184), pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=libxml2-2.9.13-12.el9_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-0989, CVE-2026-0992, CVE-2025-6170), pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=glib2-2.68.4-16.el9_6.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2025-7039, CVE-2026-0988), pkg:rpm/redhat/libblkid@2.37.4-21.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=util-linux-2.37.4-21.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2026-3184), pkg:rpm/redhat/shadow-utils@4.9-12.el9?arch=x86_64\u0026distro=rhel-9.6\u0026epoch=2\u0026upstream=shadow-utils-4.9-12.el9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64\u0026distro=rhel-9.6\u0026upstream=microdnf-3.9.1-3.el9.src.rpm] (CVE-2024-56433)", "name": "rhtpa_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 7 } } ] } ] {"vulnerabilities":{"critical":4,"high":24,"medium":45,"low":7,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-qpkp/fj-multi-component-parent-xdth:a9d869e61ae0a5b82725b05268e31f3eaf04f363", "digests": ["sha256:a8a6bedecc465f44b2d666cebb790fa161fc1770a922eb11086181a5b62b51e1"]}} {"result":"SUCCESS","timestamp":"2026-04-30T12:55:06+00:00","note":"Task tpa-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by TPA.","namespace":"default","successes":0,"failures":0,"warnings":0} [FAILED] in [It] - /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:403 @ 04/30/26 13:01:16.825 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc001c8c030>: unable to retrigger pipelinerun for component build-e2e-qpkp:fj-multi-component-parent-xdth: timed out waiting for new PipelineRun to appear after retriggering it for component build-e2e-qpkp:fj-multi-component-parent-xdth { s: "unable to retrigger pipelinerun for component build-e2e-qpkp:fj-multi-component-parent-xdth: timed out waiting for new PipelineRun to appear after retriggering it for component build-e2e-qpkp:fj-multi-component-parent-xdth", } In [It] at: /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:403 @ 04/30/26 13:01:16.825 ------------------------------ SSS•• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:600 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:642 ------------------------------ ••••••••••••••• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:600 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:642 ------------------------------ • ------------------------------ • [FAILED] [300.818 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the component is removed [It] purge PR is created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:679 [FAILED] Timed out after 300.001s. timed out when waiting for purge PR with traget branch base-uyitou to be created in konflux-qe/devfile-sample-hello-world-eqdrkb repository Expected : false to be true In [It] at: /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:692 @ 04/30/26 13:11:51.732 ------------------------------ • [FAILED] [1011.986 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] the PipelineRun should eventually finish successfully for component python-component-trnhus [build-service, github, pac-build, multi-component] /tmp/tmp.t6iGoTvjvH/tests/build/multi_component.go:159 Timeline >> PipelineRun python-component-trnhus-on-pull-request-vtl8t found for Component build-e2e-itss/python-component-trnhus PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Running PipelineRun python-component-trnhus-on-pull-request-vtl8t reason: Failed attempt 1/3: PipelineRun "python-component-trnhus-on-pull-request-vtl8t" failed: pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | init container: prepare 2026/04/30 13:07:12 Entrypoint initialization pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | init container: place-scripts 2026/04/30 13:07:23 Decoded script /tekton/scripts/script-1-7hc59 2026/04/30 13:07:23 Decoded script /tekton/scripts/script-2-tbxw2 2026/04/30 13:07:23 Decoded script /tekton/scripts/script-3-5s8kj 2026/04/30 13:07:23 Decoded script /tekton/scripts/script-4-dstzn 2026/04/30 13:07:23 Decoded script /tekton/scripts/script-5-k9ftb pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras blob fetch --registry-config /tmp/use-oci.sh.Gtf5zS/auth-w0uGph.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4ab2c8ffa209381241e452c5d5e213e14ccb7640b96cd863defb26c7bb223fbf --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4ab2c8ffa209381241e452c5d5e213e14ccb7640b96cd863defb26c7bb223fbf to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | container step-build: [2026-04-30T13:07:35,072207256+00:00] Validate context path [2026-04-30T13:07:35,075630154+00:00] Update CA trust [2026-04-30T13:07:35,076645005+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:07:39,893689244+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-30T13:07:39,914116139+00:00] Prepare system (architecture: x86_64) [2026-04-30T13:07:40,015277241+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/python-39:1-117.1684741281... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:8a2e9815396eaa57b0dfe27b2dfc442417f06aa70974c358f198980b533c7942 Copying blob sha256:5465449a2ea5d8a7e05fa498c8ba35f0ce7714b0ad37e716961fca17dfa1ef13 Copying blob sha256:a07d808ddf4404b3885fef6100142a973cc667b2c3c4abcf4db96508795b1efb Copying blob sha256:085efe85e9dfb0b3d5d2392e4b78660a3091bf1ded336315117a627fbdd0567d Copying config sha256:45c8f23c11bb64f238236aaf5cbe05595778e1d4fb6c06109c6fcc0a6b57a45b Writing manifest to image destination Storing signatures [2026-04-30T13:08:26,854304517+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-30T13:07:40Z", "com.redhat.component": "python-39-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.buildpacks.stack.id": "com.redhat.stacks.ubi9-python-39", "io.k8s.description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "io.k8s.display-name": "Python 3.9", "io.openshift.expose-services": "8080:http", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,python,python39,python-39,rh-python39", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "SoftwareCollections.org ", "name": "ubi9/python-39", "release": "117.1684741281", "summary": "Platform for building and running Python 3.9 applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi9/python-39/images/1-117.1684741281", "usage": "s2i build https://github.com/sclorg/s2i-python-container.git --context-dir=3.9/test/setup-test-app/ ubi9/python-39 python-sample-app", "vcs-ref": "2e6ebe8f1dad22874070019e4ee607f29ed3546d", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1", "org.opencontainers.image.revision": "2e6ebe8f1dad22874070019e4ee607f29ed3546d", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-30T13:07:40Z" } [2026-04-30T13:08:26,985697858+00:00] Register sub-man Adding the entitlement to the build [2026-04-30T13:08:26,988863869+00:00] Add secrets [2026-04-30T13:08:27,219941997+00:00] Run buildah build [2026-04-30T13:08:27,221409505+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=2e6ebe8f1dad22874070019e4ee607f29ed3546d --label org.opencontainers.image.revision=2e6ebe8f1dad22874070019e4ee607f29ed3546d --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-30T13:07:40Z --label org.opencontainers.image.created=2026-04-30T13:07:40Z --annotation org.opencontainers.image.revision=2e6ebe8f1dad22874070019e4ee607f29ed3546d --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-30T13:07:40Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.8zWGZU -t quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-2e6ebe8f1dad22874070019e4ee607f29ed3546d . STEP 1/10: FROM registry.access.redhat.com/ubi9/python-39:1-117.1684741281 STEP 2/10: EXPOSE 8081/tcp STEP 3/10: ENV FLASK_PORT=8081 STEP 4/10: WORKDIR /projects STEP 5/10: COPY . . STEP 6/10: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting Flask==2.3.3 Downloading flask-2.3.3-py3-none-any.whl (96 kB) Collecting click>=8.1.3 Downloading click-8.1.8-py3-none-any.whl (98 kB) Collecting blinker>=1.6.2 Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting itsdangerous>=2.1.2 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting Jinja2>=3.1.2 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting importlib-metadata>=3.6.0 Downloading importlib_metadata-8.7.1-py3-none-any.whl (27 kB) Collecting Werkzeug>=2.3.7 Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB) Collecting zipp>=3.20 Downloading zipp-3.23.1-py3-none-any.whl (10 kB) Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (20 kB) Installing collected packages: zipp, MarkupSafe, Werkzeug, Jinja2, itsdangerous, importlib-metadata, click, blinker, Flask Successfully installed Flask-2.3.3 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.8 blinker-1.9.0 click-8.1.8 importlib-metadata-8.7.1 itsdangerous-2.2.0 zipp-3.23.1 WARNING: You are using pip version 21.3.1; however, version 26.0.1 is available. You should consider upgrading via the '/opt/app-root/bin/python3.9 -m pip install --upgrade pip' command. STEP 7/10: CMD [ "python", "./app.py" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="2e6ebe8f1dad22874070019e4ee607f29ed3546d" "org.opencontainers.image.revision"="2e6ebe8f1dad22874070019e4ee607f29ed3546d" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-30T13:07:40Z" "org.opencontainers.image.created"="2026-04-30T13:07:40Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-2e6ebe8f1dad22874070019e4ee607f29ed3546d --> e0fd156610fe Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-2e6ebe8f1dad22874070019e4ee607f29ed3546d e0fd156610fe6f21a85b3741aab373a258a9f16318d769b218e913215a5b7e1c [2026-04-30T13:08:34,515890302+00:00] Unsetting proxy [2026-04-30T13:08:34,517231809+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/python-39:1-117.1684741281 registry.access.redhat.com/ubi9/python-39:1-117.1684741281@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee Getting image source signatures Copying blob sha256:1e686c2319e6af2e64d796ead8468991a117ce60a7a3472b6a69df577f132f27 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 Copying config sha256:e0fd156610fe6f21a85b3741aab373a258a9f16318d769b218e913215a5b7e1c Writing manifest to image destination [2026-04-30T13:09:06,054482371+00:00] End build pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | container step-push: [2026-04-30T13:09:06,802325597+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:09:27,542147583+00:00] Convert image [2026-04-30T13:09:27,543196803+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-vtl8t-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-2e6ebe8f1dad22874070019e4ee607f29ed3546d docker://quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-vtl8t-build-container Getting image source signatures Copying blob sha256:1e686c2319e6af2e64d796ead8468991a117ce60a7a3472b6a69df577f132f27 Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | container step-sbom-syft-generate: pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | container step-prepare-sboms: pod: python-component-trnhus-on-4ce42263553c66dd17316179110b27ad-pod | container step-upload-sbom: pod: python-component-trnhus-on-e4b98324fff27f5180ba3c10e0d3f2b2-pod | init container: prepare 2026/04/30 13:05:59 Entrypoint initialization pod: python-component-trnhus-on-e4b98324fff27f5180ba3c10e0d3f2b2-pod | init container: place-scripts 2026/04/30 13:06:00 Decoded script /tekton/scripts/script-0-qq92q 2026/04/30 13:06:00 Decoded script /tekton/scripts/script-1-dsfh4 pod: python-component-trnhus-on-e4b98324fff27f5180ba3c10e0d3f2b2-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1777554363.4706082,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777554363.9813728,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 2e6ebe8f1dad22874070019e4ee607f29ed3546d (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1777554363.9814227,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777554364.004759,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision 2e6ebe8f1dad22874070019e4ee607f29ed3546d directly. pod: python-component-trnhus-on-e4b98324fff27f5180ba3c10e0d3f2b2-pod | container step-symlink-check: Running symlink check pod: python-component-trnhus-on-e4b98324fff27f5180ba3c10e0d3f2b2-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:4ab2c8ffa209381241e452c5d5e213e14ccb7640b96cd863defb26c7bb223fbf) Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras push --annotation=quay.expires-after=5d --registry-config /tmp/create-oci.sh.KjDKwB/auth-lqH4bP.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-2e6ebe8f1dad22874070019e4ee607f29ed3546d.git SOURCE_ARTIFACT Uploading 4ab2c8ffa209 SOURCE_ARTIFACT Uploaded 4ab2c8ffa209 SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-2e6ebe8f1dad22874070019e4ee607f29ed3546d.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:1be9110768be40cc17b96a249258fd2ee90a79e9e0239be972ae6b9e1a860648 Artifacts created pod: python-component-trnhus-on-pull-request-vtl8t-init-pod | init container: prepare 2026/04/30 13:05:53 Entrypoint initialization pod: python-component-trnhus-on-pull-request-vtl8t-init-pod | container step-init: time="2026-04-30T13:05:56Z" level=info msg="[param] enable: false" time="2026-04-30T13:05:56Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-30T13:05:56Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-30T13:05:56Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-30T13:05:56Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-30T13:05:56Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-30T13:05:56Z" level=info msg="Cache proxy is disabled via param" time="2026-04-30T13:05:56Z" level=info msg="[result] HTTP PROXY: " time="2026-04-30T13:05:56Z" level=info msg="[result] NO PROXY: " New PipelineRun python-component-trnhus-on-pull-request-zkvt9 found after retrigger for component build-e2e-itss/python-component-trnhus PipelineRun python-component-trnhus-on-pull-request-zkvt9 found for Component build-e2e-itss/python-component-trnhus PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: ResolvingTaskRef PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Running PipelineRun python-component-trnhus-on-pull-request-zkvt9 reason: Failed attempt 2/3: PipelineRun "python-component-trnhus-on-pull-request-zkvt9" failed: pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | init container: prepare 2026/04/30 13:12:35 Entrypoint initialization pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | init container: place-scripts 2026/04/30 13:12:36 Decoded script /tekton/scripts/script-1-9xvw8 2026/04/30 13:12:36 Decoded script /tekton/scripts/script-2-zp768 2026/04/30 13:12:36 Decoded script /tekton/scripts/script-3-b4hp6 2026/04/30 13:12:36 Decoded script /tekton/scripts/script-4-kxptb 2026/04/30 13:12:36 Decoded script /tekton/scripts/script-5-kcmff pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras blob fetch --registry-config /tmp/use-oci.sh.EuMLRG/auth-DEBVXA.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:e9021ec7272e28be970d651057d6ef7f50f7da343026181578f8685b73a49622 --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:e9021ec7272e28be970d651057d6ef7f50f7da343026181578f8685b73a49622 to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | container step-build: [2026-04-30T13:12:41,839729732+00:00] Validate context path [2026-04-30T13:12:41,842934231+00:00] Update CA trust [2026-04-30T13:12:41,844048849+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:12:45,738422802+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-30T13:12:45,745466628+00:00] Prepare system (architecture: x86_64) [2026-04-30T13:12:45,760501450+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/python-39:1-117.1684741281... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:5465449a2ea5d8a7e05fa498c8ba35f0ce7714b0ad37e716961fca17dfa1ef13 Copying blob sha256:085efe85e9dfb0b3d5d2392e4b78660a3091bf1ded336315117a627fbdd0567d Copying blob sha256:a07d808ddf4404b3885fef6100142a973cc667b2c3c4abcf4db96508795b1efb Copying blob sha256:8a2e9815396eaa57b0dfe27b2dfc442417f06aa70974c358f198980b533c7942 Copying config sha256:45c8f23c11bb64f238236aaf5cbe05595778e1d4fb6c06109c6fcc0a6b57a45b Writing manifest to image destination Storing signatures [2026-04-30T13:13:17,930977468+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-30T13:12:45Z", "com.redhat.component": "python-39-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.buildpacks.stack.id": "com.redhat.stacks.ubi9-python-39", "io.k8s.description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "io.k8s.display-name": "Python 3.9", "io.openshift.expose-services": "8080:http", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,python,python39,python-39,rh-python39", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "SoftwareCollections.org ", "name": "ubi9/python-39", "release": "117.1684741281", "summary": "Platform for building and running Python 3.9 applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi9/python-39/images/1-117.1684741281", "usage": "s2i build https://github.com/sclorg/s2i-python-container.git --context-dir=3.9/test/setup-test-app/ ubi9/python-39 python-sample-app", "vcs-ref": "c9aab6dca86ec20b7e7ad7b799a34e7a0d189186", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1", "org.opencontainers.image.revision": "c9aab6dca86ec20b7e7ad7b799a34e7a0d189186", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-30T13:12:45Z" } [2026-04-30T13:13:18,036521748+00:00] Register sub-man Adding the entitlement to the build [2026-04-30T13:13:18,039647292+00:00] Add secrets [2026-04-30T13:13:18,055182354+00:00] Run buildah build [2026-04-30T13:13:18,056212341+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 --label org.opencontainers.image.revision=c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-30T13:12:45Z --label org.opencontainers.image.created=2026-04-30T13:12:45Z --annotation org.opencontainers.image.revision=c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-30T13:12:45Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.l8be2v -t quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 . STEP 1/10: FROM registry.access.redhat.com/ubi9/python-39:1-117.1684741281 STEP 2/10: EXPOSE 8081/tcp STEP 3/10: ENV FLASK_PORT=8081 STEP 4/10: WORKDIR /projects STEP 5/10: COPY . . STEP 6/10: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting Flask==2.3.3 Downloading flask-2.3.3-py3-none-any.whl (96 kB) Collecting itsdangerous>=2.1.2 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting Werkzeug>=2.3.7 Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB) Collecting click>=8.1.3 Downloading click-8.1.8-py3-none-any.whl (98 kB) Collecting blinker>=1.6.2 Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting importlib-metadata>=3.6.0 Downloading importlib_metadata-8.7.1-py3-none-any.whl (27 kB) Collecting Jinja2>=3.1.2 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting zipp>=3.20 Downloading zipp-3.23.1-py3-none-any.whl (10 kB) Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (20 kB) Installing collected packages: zipp, MarkupSafe, Werkzeug, Jinja2, itsdangerous, importlib-metadata, click, blinker, Flask Successfully installed Flask-2.3.3 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.8 blinker-1.9.0 click-8.1.8 importlib-metadata-8.7.1 itsdangerous-2.2.0 zipp-3.23.1 WARNING: You are using pip version 21.3.1; however, version 26.0.1 is available. You should consider upgrading via the '/opt/app-root/bin/python3.9 -m pip install --upgrade pip' command. STEP 7/10: CMD [ "python", "./app.py" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="c9aab6dca86ec20b7e7ad7b799a34e7a0d189186" "org.opencontainers.image.revision"="c9aab6dca86ec20b7e7ad7b799a34e7a0d189186" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-30T13:12:45Z" "org.opencontainers.image.created"="2026-04-30T13:12:45Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 --> 4e97b6856193 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 4e97b68561930d4546e939793e659900516f496991534c0419d76cb1be5c9557 [2026-04-30T13:13:25,123342287+00:00] Unsetting proxy [2026-04-30T13:13:25,124732803+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/python-39:1-117.1684741281 registry.access.redhat.com/ubi9/python-39:1-117.1684741281@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee Getting image source signatures Copying blob sha256:a6387b55abfc705918a5cd6a0416443fa58d921cdfafa9bac2081ed8779b98f7 Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying config sha256:4e97b68561930d4546e939793e659900516f496991534c0419d76cb1be5c9557 Writing manifest to image destination [2026-04-30T13:14:02,935551714+00:00] End build pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | container step-push: [2026-04-30T13:14:03,362782714+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:14:24,320534952+00:00] Convert image [2026-04-30T13:14:24,321696749+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-zkvt9-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 docker://quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-zkvt9-build-container Getting image source signatures Copying blob sha256:a6387b55abfc705918a5cd6a0416443fa58d921cdfafa9bac2081ed8779b98f7 Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | container step-sbom-syft-generate: pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | container step-prepare-sboms: pod: python-component-trnhus-on-26e8acc54730c4cad7182d4e2767be04-pod | container step-upload-sbom: pod: python-component-trnhus-on-a0a3cffd5571e2cb5244124c6f043766-pod | init container: prepare 2026/04/30 13:11:45 Entrypoint initialization pod: python-component-trnhus-on-a0a3cffd5571e2cb5244124c6f043766-pod | init container: place-scripts 2026/04/30 13:11:46 Decoded script /tekton/scripts/script-0-646ps 2026/04/30 13:11:46 Decoded script /tekton/scripts/script-1-hprnf pod: python-component-trnhus-on-a0a3cffd5571e2cb5244124c6f043766-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1777554709.2013257,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777554709.6706114,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1777554709.670659,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777554709.6940703,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision c9aab6dca86ec20b7e7ad7b799a34e7a0d189186 directly. pod: python-component-trnhus-on-a0a3cffd5571e2cb5244124c6f043766-pod | container step-symlink-check: Running symlink check pod: python-component-trnhus-on-a0a3cffd5571e2cb5244124c6f043766-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:e9021ec7272e28be970d651057d6ef7f50f7da343026181578f8685b73a49622) Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras push --annotation=quay.expires-after=5d --registry-config /tmp/create-oci.sh.3pnTiG/auth-nTylFc.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-c9aab6dca86ec20b7e7ad7b799a34e7a0d189186.git SOURCE_ARTIFACT Uploading e9021ec7272e SOURCE_ARTIFACT Uploaded e9021ec7272e SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-c9aab6dca86ec20b7e7ad7b799a34e7a0d189186.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:428a738e2567e66610572f9cdfe00be89ab13e75fa336886a8f9ac0c2ab16c9d Artifacts created pod: python-component-trnhus-on-pull-request-zkvt9-init-pod | init container: prepare 2026/04/30 13:11:40 Entrypoint initialization pod: python-component-trnhus-on-pull-request-zkvt9-init-pod | container step-init: time="2026-04-30T13:11:43Z" level=info msg="[param] enable: false" time="2026-04-30T13:11:43Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-30T13:11:43Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-30T13:11:43Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-30T13:11:43Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-30T13:11:43Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-30T13:11:43Z" level=info msg="Cache proxy is disabled via param" time="2026-04-30T13:11:43Z" level=info msg="[result] HTTP PROXY: " time="2026-04-30T13:11:43Z" level=info msg="[result] NO PROXY: " New PipelineRun python-component-trnhus-on-pull-request-24rzw found after retrigger for component build-e2e-itss/python-component-trnhus PipelineRun python-component-trnhus-on-pull-request-24rzw found for Component build-e2e-itss/python-component-trnhus PipelineRun python-component-trnhus-on-pull-request-24rzw reason: ResolvingTaskRef PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Running PipelineRun python-component-trnhus-on-pull-request-24rzw reason: Failed attempt 3/3: PipelineRun "python-component-trnhus-on-pull-request-24rzw" failed: pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | init container: prepare 2026/04/30 13:17:18 Entrypoint initialization pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | init container: place-scripts 2026/04/30 13:17:19 Decoded script /tekton/scripts/script-0-62dc5 2026/04/30 13:17:19 Decoded script /tekton/scripts/script-1-9x758 pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1777555042.3930662,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777555042.9413862,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 93857c8eeb4fcea2d404ed091ae4d08a591ebb21 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1777555042.9414358,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777555042.9649217,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision 93857c8eeb4fcea2d404ed091ae4d08a591ebb21 directly. pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-symlink-check: Running symlink check pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716) Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras push --annotation=quay.expires-after=5d --registry-config /tmp/create-oci.sh.yzkVmj/auth-JxBaua.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21.git SOURCE_ARTIFACT Uploading 4f8fca47a42f SOURCE_ARTIFACT Uploaded 4f8fca47a42f SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:22a1678ea61b51fdd906720940300bd45b817ab8b562ed985deb46d1a6c07f3e Artifacts created pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | init container: prepare 2026/04/30 13:18:06 Entrypoint initialization pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | init container: place-scripts 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-1-mjg9t 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-2-7zb2b 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-3-pcj9z 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-4-w7km8 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-5-frr78 pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras blob fetch --registry-config /tmp/use-oci.sh.RDRuko/auth-ZhzESs.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716 --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716 to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-build: [2026-04-30T13:18:10,978361206+00:00] Validate context path [2026-04-30T13:18:10,981708454+00:00] Update CA trust [2026-04-30T13:18:10,982749260+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:18:14,978299957+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-30T13:18:14,985281380+00:00] Prepare system (architecture: x86_64) [2026-04-30T13:18:15,048875383+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/python-39:1-117.1684741281... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:8a2e9815396eaa57b0dfe27b2dfc442417f06aa70974c358f198980b533c7942 Copying blob sha256:5465449a2ea5d8a7e05fa498c8ba35f0ce7714b0ad37e716961fca17dfa1ef13 Copying blob sha256:085efe85e9dfb0b3d5d2392e4b78660a3091bf1ded336315117a627fbdd0567d Copying blob sha256:a07d808ddf4404b3885fef6100142a973cc667b2c3c4abcf4db96508795b1efb Copying config sha256:45c8f23c11bb64f238236aaf5cbe05595778e1d4fb6c06109c6fcc0a6b57a45b Writing manifest to image destination Storing signatures [2026-04-30T13:18:45,922884408+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-30T13:18:15Z", "com.redhat.component": "python-39-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.buildpacks.stack.id": "com.redhat.stacks.ubi9-python-39", "io.k8s.description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "io.k8s.display-name": "Python 3.9", "io.openshift.expose-services": "8080:http", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,python,python39,python-39,rh-python39", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "SoftwareCollections.org ", "name": "ubi9/python-39", "release": "117.1684741281", "summary": "Platform for building and running Python 3.9 applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi9/python-39/images/1-117.1684741281", "usage": "s2i build https://github.com/sclorg/s2i-python-container.git --context-dir=3.9/test/setup-test-app/ ubi9/python-39 python-sample-app", "vcs-ref": "93857c8eeb4fcea2d404ed091ae4d08a591ebb21", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1", "org.opencontainers.image.revision": "93857c8eeb4fcea2d404ed091ae4d08a591ebb21", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-30T13:18:15Z" } [2026-04-30T13:18:45,965290615+00:00] Register sub-man Adding the entitlement to the build [2026-04-30T13:18:45,968447629+00:00] Add secrets [2026-04-30T13:18:45,985206334+00:00] Run buildah build [2026-04-30T13:18:45,986278511+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --label org.opencontainers.image.revision=93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-30T13:18:15Z --label org.opencontainers.image.created=2026-04-30T13:18:15Z --annotation org.opencontainers.image.revision=93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-30T13:18:15Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.R7znWm -t quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 . STEP 1/10: FROM registry.access.redhat.com/ubi9/python-39:1-117.1684741281 STEP 2/10: EXPOSE 8081/tcp STEP 3/10: ENV FLASK_PORT=8081 STEP 4/10: WORKDIR /projects STEP 5/10: COPY . . STEP 6/10: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting Flask==2.3.3 Downloading flask-2.3.3-py3-none-any.whl (96 kB) Collecting Werkzeug>=2.3.7 Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB) Collecting click>=8.1.3 Downloading click-8.1.8-py3-none-any.whl (98 kB) Collecting Jinja2>=3.1.2 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting importlib-metadata>=3.6.0 Downloading importlib_metadata-8.7.1-py3-none-any.whl (27 kB) Collecting blinker>=1.6.2 Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting itsdangerous>=2.1.2 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting zipp>=3.20 Downloading zipp-3.23.1-py3-none-any.whl (10 kB) Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (20 kB) Installing collected packages: zipp, MarkupSafe, Werkzeug, Jinja2, itsdangerous, importlib-metadata, click, blinker, Flask Successfully installed Flask-2.3.3 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.8 blinker-1.9.0 click-8.1.8 importlib-metadata-8.7.1 itsdangerous-2.2.0 zipp-3.23.1 WARNING: You are using pip version 21.3.1; however, version 26.0.1 is available. You should consider upgrading via the '/opt/app-root/bin/python3.9 -m pip install --upgrade pip' command. STEP 7/10: CMD [ "python", "./app.py" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="93857c8eeb4fcea2d404ed091ae4d08a591ebb21" "org.opencontainers.image.revision"="93857c8eeb4fcea2d404ed091ae4d08a591ebb21" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-30T13:18:15Z" "org.opencontainers.image.created"="2026-04-30T13:18:15Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --> d497e3940a82 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 d497e3940a822d674f640564509be72adfa3cf9b1f3efba3dd8c4ff541cde9ac [2026-04-30T13:18:53,083055777+00:00] Unsetting proxy [2026-04-30T13:18:53,084395677+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/python-39:1-117.1684741281 registry.access.redhat.com/ubi9/python-39:1-117.1684741281@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee Getting image source signatures Copying blob sha256:6715abe87de089b1c2790bff8dfd174b2c0adecada6e895b843a76d59df468f7 Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying config sha256:d497e3940a822d674f640564509be72adfa3cf9b1f3efba3dd8c4ff541cde9ac Writing manifest to image destination [2026-04-30T13:19:26,353790319+00:00] End build pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-push: [2026-04-30T13:19:26,532940583+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:19:47,413806006+00:00] Convert image [2026-04-30T13:19:47,414825384+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-24rzw-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 docker://quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-24rzw-build-container Getting image source signatures Copying blob sha256:6715abe87de089b1c2790bff8dfd174b2c0adecada6e895b843a76d59df468f7 Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-sbom-syft-generate: pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-prepare-sboms: pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-upload-sbom: pod: python-component-trnhus-on-pull-request-24rzw-init-pod | init container: prepare 2026/04/30 13:17:13 Entrypoint initialization pod: python-component-trnhus-on-pull-request-24rzw-init-pod | container step-init: time="2026-04-30T13:17:15Z" level=info msg="[param] enable: false" time="2026-04-30T13:17:15Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-30T13:17:15Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-30T13:17:15Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-30T13:17:15Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-30T13:17:15Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-30T13:17:15Z" level=info msg="Cache proxy is disabled via param" time="2026-04-30T13:17:15Z" level=info msg="[result] HTTP PROXY: " time="2026-04-30T13:17:15Z" level=info msg="[result] NO PROXY: " [FAILED] in [It] - /tmp/tmp.t6iGoTvjvH/tests/build/multi_component.go:161 @ 04/30/26 13:22:52.539 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc001dc6980>: pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | init container: prepare 2026/04/30 13:17:18 Entrypoint initialization pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | init container: place-scripts 2026/04/30 13:17:19 Decoded script /tekton/scripts/script-0-62dc5 2026/04/30 13:17:19 Decoded script /tekton/scripts/script-1-9x758 pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1777555042.3930662,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777555042.9413862,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 93857c8eeb4fcea2d404ed091ae4d08a591ebb21 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1777555042.9414358,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777555042.9649217,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision 93857c8eeb4fcea2d404ed091ae4d08a591ebb21 directly. pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-symlink-check: Running symlink check pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716) Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras push --annotation=quay.expires-after=5d --registry-config /tmp/create-oci.sh.yzkVmj/auth-JxBaua.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21.git SOURCE_ARTIFACT Uploading 4f8fca47a42f SOURCE_ARTIFACT Uploaded 4f8fca47a42f SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:22a1678ea61b51fdd906720940300bd45b817ab8b562ed985deb46d1a6c07f3e Artifacts created pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | init container: prepare 2026/04/30 13:18:06 Entrypoint initialization pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | init container: place-scripts 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-1-mjg9t 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-2-7zb2b 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-3-pcj9z 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-4-w7km8 2026/04/30 13:18:06 Decoded script /tekton/scripts/script-5-frr78 pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus Executing: oras blob fetch --registry-config /tmp/use-oci.sh.RDRuko/auth-ZhzESs.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716 --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716 to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-build: [2026-04-30T13:18:10,978361206+00:00] Validate context path [2026-04-30T13:18:10,981708454+00:00] Update CA trust [2026-04-30T13:18:10,982749260+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:18:14,978299957+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-30T13:18:14,985281380+00:00] Prepare system (architecture: x86_64) [2026-04-30T13:18:15,048875383+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/python-39:1-117.1684741281... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:8a2e9815396eaa57b0dfe27b2dfc442417f06aa70974c358f198980b533c7942 Copying blob sha256:5465449a2ea5d8a7e05fa498c8ba35f0ce7714b0ad37e716961fca17dfa1ef13 Copying blob sha256:085efe85e9dfb0b3d5d2392e4b78660a3091bf1ded336315117a627fbdd0567d Copying blob sha256:a07d808ddf4404b3885fef6100142a973cc667b2c3c4abcf4db96508795b1efb Copying config sha256:45c8f23c11bb64f238236aaf5cbe05595778e1d4fb6c06109c6fcc0a6b57a45b Writing manifest to image destination Storing signatures [2026-04-30T13:18:45,922884408+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-30T13:18:15Z", "com.redhat.component": "python-39-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.buildpacks.stack.id": "com.redhat.stacks.ubi9-python-39", "io.k8s.description": "Python 3.9 available as container is a base platform for building and running various Python 3.9 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "io.k8s.display-name": "Python 3.9", "io.openshift.expose-services": "8080:http", "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", "io.openshift.tags": "builder,python,python39,python-39,rh-python39", "io.s2i.scripts-url": "image:///usr/libexec/s2i", "maintainer": "SoftwareCollections.org ", "name": "ubi9/python-39", "release": "117.1684741281", "summary": "Platform for building and running Python 3.9 applications", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi9/python-39/images/1-117.1684741281", "usage": "s2i build https://github.com/sclorg/s2i-python-container.git --context-dir=3.9/test/setup-test-app/ ubi9/python-39 python-sample-app", "vcs-ref": "93857c8eeb4fcea2d404ed091ae4d08a591ebb21", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1", "org.opencontainers.image.revision": "93857c8eeb4fcea2d404ed091ae4d08a591ebb21", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d", "org.opencontainers.image.created": "2026-04-30T13:18:15Z" } [2026-04-30T13:18:45,965290615+00:00] Register sub-man Adding the entitlement to the build [2026-04-30T13:18:45,968447629+00:00] Add secrets [2026-04-30T13:18:45,985206334+00:00] Run buildah build [2026-04-30T13:18:45,986278511+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --label org.opencontainers.image.revision=93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-04-30T13:18:15Z --label org.opencontainers.image.created=2026-04-30T13:18:15Z --annotation org.opencontainers.image.revision=93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-04-30T13:18:15Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.R7znWm -t quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 . STEP 1/10: FROM registry.access.redhat.com/ubi9/python-39:1-117.1684741281 STEP 2/10: EXPOSE 8081/tcp STEP 3/10: ENV FLASK_PORT=8081 STEP 4/10: WORKDIR /projects STEP 5/10: COPY . . STEP 6/10: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting Flask==2.3.3 Downloading flask-2.3.3-py3-none-any.whl (96 kB) Collecting Werkzeug>=2.3.7 Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB) Collecting click>=8.1.3 Downloading click-8.1.8-py3-none-any.whl (98 kB) Collecting Jinja2>=3.1.2 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Collecting importlib-metadata>=3.6.0 Downloading importlib_metadata-8.7.1-py3-none-any.whl (27 kB) Collecting blinker>=1.6.2 Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Collecting itsdangerous>=2.1.2 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting zipp>=3.20 Downloading zipp-3.23.1-py3-none-any.whl (10 kB) Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (20 kB) Installing collected packages: zipp, MarkupSafe, Werkzeug, Jinja2, itsdangerous, importlib-metadata, click, blinker, Flask Successfully installed Flask-2.3.3 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.8 blinker-1.9.0 click-8.1.8 importlib-metadata-8.7.1 itsdangerous-2.2.0 zipp-3.23.1 WARNING: You are using pip version 21.3.1; however, version 26.0.1 is available. You should consider upgrading via the '/opt/app-root/bin/python3.9 -m pip install --upgrade pip' command. STEP 7/10: CMD [ "python", "./app.py" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="93857c8eeb4fcea2d404ed091ae4d08a591ebb21" "org.opencontainers.image.revision"="93857c8eeb4fcea2d404ed091ae4d08a591ebb21" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-04-30T13:18:15Z" "org.opencontainers.image.created"="2026-04-30T13:18:15Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 --> d497e3940a82 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 d497e3940a822d674f640564509be72adfa3cf9b1f3efba3dd8c4ff541cde9ac [2026-04-30T13:18:53,083055777+00:00] Unsetting proxy [2026-04-30T13:18:53,084395677+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/python-39:1-117.1684741281 registry.access.redhat.com/ubi9/python-39:1-117.1684741281@sha256:40a58935b9c22664927b22bf256f53a3d744ddb7316f3af18061099e199526ee Getting image source signatures Copying blob sha256:6715abe87de089b1c2790bff8dfd174b2c0adecada6e895b843a76d59df468f7 Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying config sha256:d497e3940a822d674f640564509be72adfa3cf9b1f3efba3dd8c4ff541cde9ac Writing manifest to image destination [2026-04-30T13:19:26,353790319+00:00] End build pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-push: [2026-04-30T13:19:26,532940583+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-30T13:19:47,413806006+00:00] Convert image [2026-04-30T13:19:47,414825384+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-24rzw-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21 docker://quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:python-component-trnhus-on-pull-request-24rzw-build-container Getting image source signatures Copying blob sha256:6715abe87de089b1c2790bff8dfd174b2c0adecada6e895b843a76d59df468f7 Copying blob sha256:bc8a0003b3470be53e5cf295daf38c287d3f20ab90e8f5c2b6f17406b158d323 Copying blob sha256:d93d3cc0bc0c5ed9655bcdcf31183ed0b570076c0e6a13e0d7cb907d0b877b00 Copying blob sha256:d661a108c347030c3ef626a0e0020e084fba1e1023193824f5395fa90ef40bde Copying blob sha256:629980bfa23ec05ce5acc61ed2866ddf8713f40bb2a61f0850395082f1457220 pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-sbom-syft-generate: pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-prepare-sboms: pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-upload-sbom: pod: python-component-trnhus-on-pull-request-24rzw-init-pod | init container: prepare 2026/04/30 13:17:13 Entrypoint initialization pod: python-component-trnhus-on-pull-request-24rzw-init-pod | container step-init: time="2026-04-30T13:17:15Z" level=info msg="[param] enable: false" time="2026-04-30T13:17:15Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-30T13:17:15Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-30T13:17:15Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-30T13:17:15Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-30T13:17:15Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-30T13:17:15Z" level=info msg="Cache proxy is disabled via param" time="2026-04-30T13:17:15Z" level=info msg="[result] HTTP PROXY: " time="2026-04-30T13:17:15Z" level=info msg="[result] NO PROXY: " { s: "\n pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | init container: prepare\n2026/04/30 13:17:18 Entrypoint initialization\n\n pod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | init container: place-scripts\n2026/04/30 13:17:19 Decoded script /tekton/scripts/script-0-62dc5\n2026/04/30 13:17:19 Decoded script /tekton/scripts/script-1-9x758\n\npod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-clone: \nINFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt\n{\"level\":\"info\",\"ts\":1777555042.3930662,\"caller\":\"git/git.go:394\",\"msg\":\"Retrying operation (attempt 1)\"}\n{\"level\":\"info\",\"ts\":1777555042.9413862,\"caller\":\"git/git.go:223\",\"msg\":\"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 93857c8eeb4fcea2d404ed091ae4d08a591ebb21 (grafted, HEAD) in path /var/workdir/source\"}\n{\"level\":\"info\",\"ts\":1777555042.9414358,\"caller\":\"git/git.go:394\",\"msg\":\"Retrying operation (attempt 1)\"}\n{\"level\":\"info\",\"ts\":1777555042.9649217,\"caller\":\"git/git.go:277\",\"msg\":\"Successfully initialized and updated submodules in path /var/workdir/source\"}\nMerge option disabled. Using checked-out revision 93857c8eeb4fcea2d404ed091ae4d08a591ebb21 directly.\n\npod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-symlink-check: \nRunning symlink check\n\npod: python-component-trnhus-on-897d148543795f62d14170897076fa7d-pod | container step-create-trusted-artifact: \nPrepared artifact from /var/workdir/source (sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716)\nUsing token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus\nExecuting: oras push --annotation=quay.expires-after=5d --registry-config /tmp/create-oci.sh.yzkVmj/auth-JxBaua.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21.git SOURCE_ARTIFACT\nUploading 4f8fca47a42f SOURCE_ARTIFACT\nUploaded 4f8fca47a42f SOURCE_ARTIFACT\nPushed [registry] quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus:on-pr-93857c8eeb4fcea2d404ed091ae4d08a591ebb21.git\nArtifactType: application/vnd.unknown.artifact.v1\nDigest: sha256:22a1678ea61b51fdd906720940300bd45b817ab8b562ed985deb46d1a6c07f3e\nArtifacts created\n\n\n pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | init container: prepare\n2026/04/30 13:18:06 Entrypoint initialization\n\n pod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | init container: place-scripts\n2026/04/30 13:18:06 Decoded script /tekton/scripts/script-1-mjg9t\n2026/04/30 13:18:06 Decoded script /tekton/scripts/script-2-7zb2b\n2026/04/30 13:18:06 Decoded script /tekton/scripts/script-3-pcj9z\n2026/04/30 13:18:06 Decoded script /tekton/scripts/script-4-w7km8\n2026/04/30 13:18:06 Decoded script /tekton/scripts/script-5-frr78\n\npod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-use-trusted-artifact: \nUsing token for quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus\nExecuting: oras blob fetch --registry-config /tmp/use-oci.sh.RDRuko/auth-ZhzESs.json quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716 --output -\nRestored artifact quay.io/redhat-appstudio-qe/build-e2e-itss/python-component-trnhus@sha256:4f8fca47a42f37ce92408c1e7794854d31871f092065c2494d0e90b930436716 to /var/workdir/source\nWARN: artifact URI not provided, (given: =/var/workdir/cachi2)\n\n\npod: python-component-trnhus-on-f71a3e3eaa400f370444fec9b1012c71-pod | container step-build: \n[2026-04-30T13:18:10,978361206+00:00] Validate context path\n[2026-04-30T13:18:10,981708454+00:00] Update CA trust\n[2026-04-30T13:18:10,982749260+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt\n'/mnt/trusted-ca/ca-bundle.crt' ->... Gomega truncated this representation as it exceeds 'format.MaxLength'. Consider having the object provide a custom 'GomegaStringer' representation or adjust the parameters in Gomega's 'format' package. Learn more here: https://onsi.github.io/gomega/#adjusting-output In [It] at: /tmp/tmp.t6iGoTvjvH/tests/build/multi_component.go:161 @ 04/30/26 13:22:52.539 ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSS Summarizing 5 Failures: [FAIL] [build-service-suite Build service E2E tests] test git provider gl component update with renovate [BeforeAll] when components are created in same namespace creates component with nudges [build-service, renovate, multi-component, gitlab] /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:74 [FAIL] [build-service-suite Build service E2E tests] test git provider gl PaC component build [BeforeAll] when a new component without specified branch is created and with visibility private correctly targets the default branch (that is not named 'main') with PaC [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:60 [FAIL] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace [It] PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, forgejo] /tmp/tmp.t6iGoTvjvH/tests/build/renovate.go:403 [FAIL] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the component is removed [It] purge PR is created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.t6iGoTvjvH/tests/build/pac_build.go:692 [FAIL] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] the PipelineRun should eventually finish successfully for component python-component-trnhus [build-service, github, pac-build, multi-component] /tmp/tmp.t6iGoTvjvH/tests/build/multi_component.go:161 Ran 101 of 467 Specs in 2621.220 seconds FAIL! -- 96 Passed | 5 Failed | 88 Pending | 278 Skipped Ginkgo ran 1 suite in 45m57.383626166s Test Suite Failed E0430 13:22:54.961917 18383 types.go:186] Failed to execute rule: build-service repo CI Workflow Rule: Execute the full workflow for e2e-tests repo in CI Error: running "ginkgo --seed=1777552611 --timeout=1h30m0s --grace-period=30s --output-interceptor-mode=none --label-filter=build-service --no-color --json-report=e2e-report.json --junit-report=e2e-report.xml --procs=20 --nodes=20 --p --output-dir=/workspace/artifact-dir ./cmd --" failed with exit code 1 make: *** [Makefile:25: ci/test/e2e] Error 1