go: downloading github.com/konflux-ci/build-service v0.0.0-20240611083846-2dee6cfe6fe4 go: downloading github.com/konflux-ci/e2e-tests v0.0.0-20260428105747-f0b222ad8cb6 go: downloading github.com/google/go-github/v66 v66.0.0 go: downloading k8s.io/apimachinery v0.34.2 go: downloading github.com/konflux-ci/application-api v0.0.0-20260312190025-5154ad273e17 go: downloading github.com/tektoncd/pipeline v1.7.0 go: downloading github.com/devfile/library/v2 v2.2.1-0.20230418160146-e75481b7eebd go: downloading k8s.io/api v0.34.2 go: downloading github.com/konflux-ci/release-service v0.0.0-20260127184035-c36c56a3c440 go: downloading github.com/openshift/oc v0.0.0-alpha.0.0.20220614012638-35c7eeb5274e go: downloading github.com/onsi/gomega v1.39.1 go: downloading github.com/go-logr/logr v1.4.3 go: downloading golang.org/x/sys v0.42.0 go: downloading github.com/google/go-containerregistry v0.20.7 go: downloading github.com/openshift-pipelines/pipelines-as-code v0.34.0 go: downloading github.com/openshift/api v0.0.0-20260320151444-324a1bcb9f55 go: downloading golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90 go: downloading gopkg.in/yaml.v2 v2.4.0 go: downloading k8s.io/client-go v0.34.2 go: downloading k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 go: downloading knative.dev/pkg v0.0.0-20250424013628-d5e74d29daa3 go: downloading sigs.k8s.io/controller-runtime v0.20.2 go: downloading sigs.k8s.io/yaml v1.6.0 go: downloading github.com/bradleyfalzon/ghinstallation/v2 v2.17.0 go: downloading github.com/google/go-github/v45 v45.2.0 go: downloading github.com/prometheus/client_golang v1.23.2 go: downloading golang.org/x/oauth2 v0.34.0 go: downloading k8s.io/apiextensions-apiserver v0.34.2 go: downloading github.com/fatih/color v1.18.0 go: downloading github.com/go-git/go-git/v5 v5.16.5 go: downloading github.com/gobwas/glob v0.2.3 go: downloading github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 go: downloading github.com/pkg/errors v0.9.1 go: downloading k8s.io/klog v1.0.0 go: downloading github.com/hashicorp/go-multierror v1.1.1 go: downloading github.com/operator-framework/operator-lib v0.19.0 go: downloading github.com/konflux-ci/operator-toolkit v0.0.0-20260312101100-d4e398191a68 go: downloading github.com/google/go-cmp v0.7.0 go: downloading k8s.io/klog/v2 v2.130.1 go: downloading github.com/xanzy/go-gitlab v0.114.0 go: downloading github.com/konflux-ci/image-controller v0.0.0-20240530145826-3296e4996f6f go: downloading github.com/avast/retry-go/v4 v4.3.3 go: downloading github.com/docker/cli v29.0.3+incompatible go: downloading github.com/magefile/mage v1.14.0 go: downloading github.com/mitchellh/go-homedir v1.1.0 go: downloading github.com/moby/buildkit v0.12.5 go: downloading github.com/openshift/library-go v0.0.0-20220525173854-9b950a41acdc go: downloading k8s.io/cli-runtime v0.34.2 go: downloading github.com/golang-jwt/jwt/v4 v4.5.2 go: downloading github.com/google/go-github/v75 v75.0.0 go: downloading github.com/google/go-querystring v1.2.0 go: downloading go.yaml.in/yaml/v2 v2.4.4 go: downloading github.com/evanphx/json-patch/v5 v5.9.11 go: downloading github.com/fsnotify/fsnotify v1.9.0 go: downloading github.com/spf13/afero v1.15.0 go: downloading github.com/google/cel-go v0.26.1 go: downloading k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 go: downloading github.com/mattn/go-colorable v0.1.14 go: downloading github.com/mattn/go-isatty v0.0.20 go: downloading github.com/gogo/protobuf v1.3.2 go: downloading gopkg.in/inf.v0 v0.9.1 go: downloading sigs.k8s.io/structured-merge-diff/v6 v6.3.2 go: downloading codeberg.org/mvdkleijn/forgejo-sdk/forgejo/v2 v2.2.0 go: downloading github.com/gofri/go-github-ratelimit v1.0.3-0.20230428184158-a500e14de53f go: downloading sigs.k8s.io/randfill v1.0.0 go: downloading github.com/codeready-toolchain/api v0.0.0-20231217224957-34f7cb3fcbf7 go: downloading github.com/conforma/crds/api v0.1.7 go: downloading github.com/konflux-ci/integration-service v0.0.0-20260330012634-6190adb9bbce go: downloading github.com/openshift/client-go v0.0.0-20260108185524-48f4ccfc4e13 go: downloading github.com/redhat-appstudio/jvm-build-service v0.0.0-20240126122210-0e2ee7e2e5b0 go: downloading github.com/vmware-tanzu/velero v1.17.2 go: downloading go.yaml.in/yaml/v3 v3.0.4 go: downloading golang.org/x/net v0.52.0 go: downloading github.com/codeready-toolchain/toolchain-common v0.0.0-20220523142428-2558e76260fb go: downloading github.com/codeready-toolchain/toolchain-e2e v0.0.0-20220525131508-60876bfb99d3 go: downloading github.com/opencontainers/go-digest v1.0.0 go: downloading github.com/bmatcuk/doublestar/v4 v4.7.1 go: downloading github.com/peterbourgon/diskv v2.0.1+incompatible go: downloading github.com/hashicorp/errwrap v1.1.0 go: downloading github.com/beorn7/perks v1.0.1 go: downloading github.com/cespare/xxhash/v2 v2.3.0 go: downloading github.com/prometheus/client_model v0.6.2 go: downloading github.com/prometheus/common v0.67.5 go: downloading github.com/prometheus/procfs v0.19.2 go: downloading google.golang.org/protobuf v1.36.11 go: downloading github.com/opencontainers/image-spec v1.1.1 go: downloading oras.land/oras-go/v2 v2.5.0 go: downloading github.com/tektoncd/cli v0.43.0 go: downloading golang.org/x/crypto v0.49.0 go: downloading gomodules.xyz/jsonpatch/v2 v2.5.0 go: downloading sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 go: downloading golang.org/x/text v0.35.0 go: downloading github.com/google/uuid v1.6.0 go: downloading github.com/spf13/cobra v1.10.2 go: downloading github.com/spf13/pflag v1.0.10 go: downloading gopkg.in/evanphx/json-patch.v4 v4.13.0 go: downloading github.com/docker/distribution v2.8.2+incompatible go: downloading github.com/docker/go-units v0.5.0 go: downloading k8s.io/kubectl v0.34.2 go: downloading github.com/docker/docker v23.0.7+incompatible go: downloading github.com/aws/aws-sdk-go v1.55.8 go: downloading github.com/containers/image/v5 v5.29.3 go: downloading github.com/hashicorp/go-cleanhttp v0.5.2 go: downloading github.com/hashicorp/go-retryablehttp v0.7.8 go: downloading golang.org/x/time v0.15.0 go: downloading github.com/ProtonMail/go-crypto v1.3.0 go: downloading dario.cat/mergo v1.0.2 go: downloading github.com/go-git/go-billy/v5 v5.7.0 go: downloading github.com/sergi/go-diff v1.4.0 go: downloading cel.dev/expr v0.25.1 go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20260406210006-6f92a3bedf2d go: downloading github.com/42wim/httpsig v1.2.3 go: downloading github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e go: downloading github.com/json-iterator/go v1.1.12 go: downloading github.com/hashicorp/go-version v1.7.0 go: downloading github.com/emicklei/go-restful/v3 v3.13.0 go: downloading github.com/go-openapi/jsonreference v0.21.5 go: downloading github.com/go-openapi/swag v0.25.5 go: downloading github.com/google/gnostic-models v0.7.1 go: downloading github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 go: downloading github.com/google/btree v1.1.3 go: downloading github.com/sirupsen/logrus v1.9.3 go: downloading github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 go: downloading contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20230502190836-7399e0f8ee5e go: downloading contrib.go.opencensus.io/exporter/prometheus v0.4.2 go: downloading go.opencensus.io v0.24.0 go: downloading go.uber.org/zap v1.27.1 go: downloading google.golang.org/grpc v1.79.3 go: downloading github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de go: downloading github.com/moby/term v0.5.2 go: downloading sigs.k8s.io/kustomize/api v0.20.1 go: downloading sigs.k8s.io/kustomize/kyaml v0.20.1 go: downloading github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 go: downloading golang.org/x/term v0.41.0 go: downloading github.com/pjbgf/sha1cd v0.5.0 go: downloading github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 go: downloading github.com/emirpasic/gods v1.18.1 go: downloading github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 go: downloading github.com/fxamacker/cbor/v2 v2.9.0 go: downloading github.com/cyphar/filepath-securejoin v0.3.6 go: downloading github.com/stoewer/go-strcase v1.3.1 go: downloading github.com/antlr4-go/antlr/v4 v4.13.1 go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 go: downloading github.com/containerd/typeurl/v2 v2.2.2 go: downloading github.com/containerd/stargz-snapshotter/estargz v0.18.1 go: downloading github.com/klauspost/compress v1.18.2 go: downloading github.com/docker/docker-credential-helpers v0.9.3 go: downloading github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc go: downloading github.com/go-openapi/jsonpointer v0.22.5 go: downloading github.com/blendle/zapdriver v1.3.1 go: downloading github.com/go-openapi/swag/cmdutils v0.25.5 go: downloading github.com/go-openapi/swag/conv v0.25.5 go: downloading github.com/go-openapi/swag/fileutils v0.25.5 go: downloading github.com/go-openapi/swag/jsonname v0.25.5 go: downloading github.com/go-openapi/swag/jsonutils v0.25.5 go: downloading github.com/go-openapi/swag/loading v0.25.5 go: downloading github.com/go-openapi/swag/mangling v0.25.5 go: downloading github.com/go-openapi/swag/stringutils v0.25.5 go: downloading github.com/go-openapi/swag/typeutils v0.25.5 go: downloading github.com/go-openapi/swag/netutils v0.25.5 go: downloading github.com/go-openapi/swag/yamlutils v0.25.5 go: downloading github.com/prometheus/statsd_exporter v0.28.0 go: downloading github.com/census-instrumentation/opencensus-proto v0.4.1 go: downloading github.com/golang/protobuf v1.5.4 go: downloading google.golang.org/api v0.262.0 go: downloading github.com/gorilla/mux v1.8.0 go: downloading github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd go: downloading github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee go: downloading go.uber.org/multierr v1.11.0 go: downloading github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 go: downloading github.com/kevinburke/ssh_config v1.4.0 go: downloading github.com/skeema/knownhosts v1.3.2 go: downloading github.com/xanzy/ssh-agent v0.3.3 go: downloading gopkg.in/warnings.v0 v0.1.2 go: downloading github.com/containers/ocicrypt v1.1.10 go: downloading github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 go: downloading github.com/containers/storage v1.51.0 go: downloading github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 go: downloading github.com/x448/float16 v0.8.4 go: downloading github.com/vbatts/tar-split v0.12.2 go: downloading github.com/cloudflare/circl v1.6.3 go: downloading github.com/klauspost/cpuid/v2 v2.3.0 go: downloading github.com/MakeNowJust/heredoc v1.0.0 go: downloading github.com/mitchellh/go-wordwrap v1.0.1 go: downloading github.com/russross/blackfriday/v2 v2.1.0 go: downloading k8s.io/component-base v0.34.2 go: downloading github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.6 go: downloading github.com/docker/go-metrics v0.0.1 go: downloading github.com/blang/semver/v4 v4.0.0 go: downloading github.com/go-errors/errors v1.5.1 go: downloading github.com/chai2010/gettext-go v1.0.3 go: downloading github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f go: downloading github.com/BurntSushi/toml v1.4.0 go: downloading github.com/blang/semver v3.5.1+incompatible go: downloading github.com/xlab/treeprint v1.2.0 go: downloading github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 go: downloading github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 go: downloading github.com/opencontainers/runtime-spec v1.2.0 go: downloading github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 go: downloading github.com/opencontainers/runc v1.1.14 go: downloading github.com/moby/spdystream v0.5.0 go: downloading github.com/moby/sys/mountinfo v0.7.2 go: downloading github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f go: downloading github.com/moby/sys/sequential v0.5.0 go: downloading github.com/containerd/containerd v1.7.25 go: downloading github.com/moby/patternmatcher v0.5.0 go: downloading github.com/docker/go-connections v0.5.0 go: downloading github.com/morikuni/aec v1.0.0 go: downloading github.com/moby/sys/userns v0.1.0 go: downloading github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 Running Suite: Build Service E2E - /workspace/source/test/e2e ============================================================= Random Seed: 1777460234 Will run 147 of 154 specs Running in parallel across 10 processes ------------------------------ • [23.808 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace creates component with context directory go-component [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:106 Timeline >> Image repository for component go-component-eoxmrr in namespace build-e2e-xlaq do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component go-component-eoxmrr in namespace build-e2e-xlaq do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [24.746 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created creates first component [build-service, github, pac-build, secret-lookup] /workspace/source/test/e2e/secret_lookup.go:123 Timeline >> Image repository for component component-one-harx in namespace build-e2e-bful do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component component-one-harx in namespace build-e2e-bful do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [30.127 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created creates second component [build-service, github, pac-build, secret-lookup] /workspace/source/test/e2e/secret_lookup.go:140 Timeline >> Image repository for component component-two-xacm in namespace build-e2e-bful do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component component-two-xacm in namespace build-e2e-bful do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component component-two-xacm in namespace build-e2e-bful do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [0.062 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created check first component annotation has errors [build-service, github, pac-build, secret-lookup] /workspace/source/test/e2e/secret_lookup.go:158 Timeline >> build status annotation value: {"pac":{"state":"error","error-id":74,"error-message":"74: Access token is unrecognizable by GitHub"},"message":"done"} << Timeline ------------------------------ • [57.801 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace creates component with nudges [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:235 Timeline >> ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"gh-multi-component-parent-qdry","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}}Image repository for component gh-multi-component-child-qdry in namespace build-e2e-sctz do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-multi-component-child-qdry in namespace build-e2e-sctz do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-multi-component-child-qdry in namespace build-e2e-sctz do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-multi-component-parent-qdry in namespace build-e2e-sctz do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-multi-component-parent-qdry in namespace build-e2e-sctz do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [57.880 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private correctly targets the default branch (that is not named 'main') with PaC [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:137 Timeline >> Image repository for component gh-test-custom-default-swklvq in namespace build-e2e-kxss do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-test-custom-default-swklvq in namespace build-e2e-kxss do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [0.301 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private workspace parameter is set correctly in PaC repository CR [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:154 ------------------------------ • [0.522 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:176 ------------------------------ • [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private build pipeline uses the correct serviceAccount [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:191 ------------------------------ • [0.512 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private component build status is set correctly [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:195 Timeline >> build status annotation value: {"pac":{"state":"enabled","merge-url":"https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-jyihgx/pull/1","configuration-time":"Wed, 29 Apr 2026 11:02:27 UTC"},"message":"done"} state: enabled mergeUrl: https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-jyihgx/pull/1 errId: 0 errMessage: configurationTime: Wed, 29 Apr 2026 11:02:27 UTC << Timeline ------------------------------ • [1.363 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:225 ------------------------------ • [0.283 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private created image repo is private [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:243 ------------------------------ • [40.288 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace triggers a PipelineRun for component go-component-eoxmrr [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:125 Timeline >> PipelineRun has not been created yet for the component build-e2e-xlaq/go-component-eoxmrr PipelineRun has not been created yet for the component build-e2e-xlaq/go-component-eoxmrr << Timeline ------------------------------ • [0.434 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace should lead to a PaC PR creation for component go-component-eoxmrr [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:140 ------------------------------ • [68.239 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace creates component with nudges [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:235 Timeline >> ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"fj-multi-component-parent-vojk","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}}Image repository for component fj-multi-component-child-vojk in namespace build-e2e-ducy do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component fj-multi-component-child-vojk in namespace build-e2e-ducy do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component fj-multi-component-child-vojk in namespace build-e2e-ducy do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component fj-multi-component-parent-vojk in namespace build-e2e-ducy do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component fj-multi-component-parent-vojk in namespace build-e2e-ducy do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [70.125 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace creates component with nudges [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:235 Timeline >> ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"gl-multi-component-parent-jbmm","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}}Image repository for component gl-multi-component-child-jbmm in namespace build-e2e-yrhs do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gl-multi-component-child-jbmm in namespace build-e2e-yrhs do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gl-multi-component-child-jbmm in namespace build-e2e-yrhs do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gl-multi-component-parent-jbmm in namespace build-e2e-yrhs do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [74.584 seconds] [build-service-suite Build service E2E tests] test build annotations when component is created with invalid build request annotations handles invalid request annotation [build-service, github, annotations] /workspace/source/test/e2e/annotations.go:89 Timeline >> Image repository for component test-annotations-nbhbis in namespace build-e2e-ucrr do not have right state ('' != 'ready') yet but it has status { { } { } []}. build status annotation value: {"message":"unexpected build request: foo"} << Timeline ------------------------------ • [80.242 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private correctly targets the default branch (that is not named 'main') with PaC [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:137 Timeline >> Image repository for component fj-test-custom-default-urqyjk in namespace build-e2e-ejpt do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component fj-test-custom-default-urqyjk in namespace build-e2e-ejpt do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component fj-test-custom-default-urqyjk in namespace build-e2e-ejpt do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [0.132 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private workspace parameter is set correctly in PaC repository CR [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:154 ------------------------------ • [92.995 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private correctly targets the default branch (that is not named 'main') with PaC [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:137 Timeline >> Image repository for component gl-test-custom-default-bulwbv in namespace build-e2e-fcrk do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gl-test-custom-default-bulwbv in namespace build-e2e-fcrk do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gl-test-custom-default-bulwbv in namespace build-e2e-fcrk do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [0.133 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private workspace parameter is set correctly in PaC repository CR [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:154 ------------------------------ • [20.203 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:176 Timeline >> PipelineRun has not been created yet for the component build-e2e-ejpt/fj-test-custom-branch-eztadk << Timeline ------------------------------ • [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private build pipeline uses the correct serviceAccount [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:191 ------------------------------ • [0.066 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private component build status is set correctly [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:195 Timeline >> build status annotation value: {"pac":{"state":"enabled","merge-url":"https://codeberg.org/konflux-qe/devfile-sample-hello-world-lajgmn/pulls/1","configuration-time":"Wed, 29 Apr 2026 11:02:51 UTC"},"message":"done"} state: enabled mergeUrl: https://codeberg.org/konflux-qe/devfile-sample-hello-world-lajgmn/pulls/1 errId: 0 errMessage: configurationTime: Wed, 29 Apr 2026 11:02:51 UTC << Timeline ------------------------------ • [40.118 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private a related PipelineRun should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:249 ------------------------------ • [0.214 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private PR branch should not exist in the repo [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:264 ------------------------------ • [1.339 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:225 ------------------------------ • [0.889 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private related image repo and the robot account should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:277 ------------------------------ • [0.288 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private created image repo is private [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:243 ------------------------------ • [21.386 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:176 Timeline >> PipelineRun has not been created yet for the component build-e2e-fcrk/gl-test-custom-branch-tpwyhi << Timeline ------------------------------ • [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private build pipeline uses the correct serviceAccount [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:191 ------------------------------ • [0.323 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private component build status is set correctly [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:195 Timeline >> build status annotation value: {"pac":{"state":"enabled","merge-url":"https://gitlab.com/konflux-qe/devfile-sample-hello-world-wwnhtv/-/merge_requests/1","configuration-time":"Wed, 29 Apr 2026 11:03:04 UTC"},"message":"done"} state: enabled mergeUrl: https://gitlab.com/konflux-qe/devfile-sample-hello-world-wwnhtv/-/merge_requests/1 errId: 0 errMessage: configurationTime: Wed, 29 Apr 2026 11:03:04 UTC << Timeline ------------------------------ • [1.549 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:225 ------------------------------ • [0.312 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private created image repo is private [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:243 ------------------------------ • [81.230 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created triggered PipelineRun is for component [build-service, github, pac-build, secret-lookup] /workspace/source/test/e2e/secret_lookup.go:178 Timeline >> PipelineRun has not been created yet for the component build-e2e-bful/component-two-xacm PipelineRun has not been created yet for the component build-e2e-bful/component-two-xacm PipelineRun has not been created yet for the component build-e2e-bful/component-two-xacm PipelineRun has not been created yet for the component build-e2e-bful/component-two-xacm << Timeline ------------------------------ • [153.715 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace triggers a PipelineRun for parent component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:259 Timeline >> PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry << Timeline ------------------------------ • [143.930 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace triggers a PipelineRun for parent component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:259 Timeline >> PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk << Timeline ------------------------------ • [114.823 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private a related PipelineRun should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:249 ------------------------------ • [1.335 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private PR branch should not exist in the repo [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:264 ------------------------------ • [1.156 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new component without specified branch is created and with visibility private related image repo and the robot account should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:277 ------------------------------ • [111.134 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private a related PipelineRun should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:249 ------------------------------ • [0.171 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private PR branch should not exist in the repo [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:264 ------------------------------ • [0.907 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new component without specified branch is created and with visibility private related image repo and the robot account should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, pac-custom-default-branch] /workspace/source/test/e2e/pac_build.go:277 ------------------------------ • [33.412 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:327 Timeline >> Image repository for component gl-test-custom-branch-tpwyhi in namespace build-e2e-fcrk do not have right state ('' != 'ready') yet but it has status { { } { } []}. PipelineRun has not been created yet for the component build-e2e-fcrk/gl-test-custom-branch-tpwyhi << Timeline ------------------------------ • [0.261 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created should lead to a PaC init PR creation [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:342 ------------------------------ • [129.746 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created check only one pipelinerun should be triggered [build-service, github, pac-build, secret-lookup] /workspace/source/test/e2e/secret_lookup.go:193 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created when second component is deleted, pac pr branch should not exist in the repo [build-service, github, pac-build, secret-lookup] /workspace/source/test/e2e/secret_lookup.go:206 ------------------------------ • [50.984 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:327 Timeline >> PipelineRun has not been created yet for the component build-e2e-ejpt/fj-test-custom-branch-eztadk << Timeline ------------------------------ • [0.328 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created should lead to a PaC init PR creation [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:342 ------------------------------ • [189.756 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:327 Timeline >> Image repository for component gh-test-custom-branch-xnefyl in namespace build-e2e-kxss do not have right state ('' != 'ready') yet but it has status { { } { } []}. PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl << Timeline ------------------------------ • [0.265 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created should lead to a PaC init PR creation [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:342 ------------------------------ • [345.996 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace triggers a PipelineRun for parent component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:259 Timeline >> PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm << Timeline ------------------------------ • [500.214 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace the PipelineRun should eventually finish successfully for component go-component-eoxmrr [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:159 Timeline >> PipelineRun go-component-eoxmrr-on-pull-request-64k7g found for Component build-e2e-xlaq/go-component-eoxmrr PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Running PipelineRun go-component-eoxmrr-on-pull-request-64k7g reason: Completed << Timeline ------------------------------ • [2.180 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace merging the PR should be successful [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:164 Timeline >> merged result sha: e65d4ea2e4fcfa354897cce9bcd8957aa28a1bbc for PR #32714 << Timeline ------------------------------ • [21.173 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace leads to triggering on push PipelineRun [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:174 Timeline >> Push PipelineRun has not been created yet for the component build-e2e-xlaq/go-component-eoxmrr << Timeline ------------------------------ • [380.198 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for parent component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:274 Timeline >> PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk found for Component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Running PipelineRun fj-multi-component-parent-vojk-on-pull-request-rphrk reason: Completed << Timeline ------------------------------ • [0.069 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for child component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:285 Timeline >> PipelineRun fj-multi-component-child-vojk-on-pull-request-gnlw8 found for Component build-e2e-ducy/fj-multi-component-child-vojk PipelineRun fj-multi-component-child-vojk-on-pull-request-gnlw8 reason: Completed << Timeline ------------------------------ • [0.454 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace should lead to a PaC PR creation for child component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:289 ------------------------------ • [1.947 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace Merging the PaC PR should be successful for child component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:307 Timeline >> merged result sha: f79715eee302c7ff7d4139d3612f424b031d2f60 for PR #1 << Timeline ------------------------------ • [10.468 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace creates component with context directory python-component [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:106 ------------------------------ • [9.618 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace create dockerfile and yaml manifest that references build and distribution repositories [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:318 ------------------------------ • [0.311 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace should lead to a PaC PR creation for parent component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:358 ------------------------------ • [2.312 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace Merging the PaC PR should be successful for parent component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:375 Timeline >> merged result sha: c97123680b44e5468baf3bcfbd1edbe22a68b741 for PR #1 << Timeline ------------------------------ • [400.213 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for parent component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:274 Timeline >> PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz found for Component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Running PipelineRun gh-multi-component-parent-qdry-on-pull-request-5cvdz reason: Completed << Timeline ------------------------------ • [0.074 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for child component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:285 Timeline >> PipelineRun gh-multi-component-child-qdry-on-pull-request-hpc95 found for Component build-e2e-sctz/gh-multi-component-child-qdry PipelineRun gh-multi-component-child-qdry-on-pull-request-hpc95 reason: Completed << Timeline ------------------------------ • [0.211 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace should lead to a PaC PR creation for child component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:289 ------------------------------ • [1.942 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace Merging the PaC PR should be successful for child component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:307 Timeline >> merged result sha: 0f5dba7d7f9622e2ee4a8a5efa584071d4f8d1db for PR #1 << Timeline ------------------------------ • [20.210 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace triggers a PipelineRun for component python-component-ayhvev [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:125 Timeline >> PipelineRun has not been created yet for the component build-e2e-xlaq/python-component-ayhvev << Timeline ------------------------------ • [0.442 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace should lead to a PaC PR creation for component python-component-ayhvev [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:140 ------------------------------ • [5.761 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace create dockerfile and yaml manifest that references build and distribution repositories [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:318 ------------------------------ • [0.189 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace should lead to a PaC PR creation for parent component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:358 ------------------------------ • [1.957 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace Merging the PaC PR should be successful for parent component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:375 Timeline >> merged result sha: 6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f for PR #1 << Timeline ------------------------------ • [20.199 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace PR merge triggers PAC PipelineRun for parent component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:385 Timeline >> Push PipelineRun has not been created yet for the component build-e2e-ducy/fj-multi-component-parent-vojk << Timeline ------------------------------ • [20.214 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace PR merge triggers PAC PipelineRun for parent component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:385 Timeline >> Push PipelineRun has not been created yet for the component build-e2e-sctz/gh-multi-component-parent-qdry << Timeline ------------------------------ • [440.217 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created the PipelineRun should eventually finish successfully [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:360 Timeline >> PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz found for Component build-e2e-fcrk/gl-test-custom-branch-tpwyhi PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz reason: Completed << Timeline ------------------------------ • [2.028 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:365 ------------------------------ • [0.288 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created created image repo is public [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:384 ------------------------------ • [0.851 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created image tag is updated successfully [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:390 Timeline >> Image tag quay.io/redhat-appstudio-qe/build-e2e-fcrk/gl-test-custom-branch-tpwyhi:on-pr-f3ae9231fbce2313cc4abec4b92207f34e130cb5 successfully found in Quay << Timeline ------------------------------ • [0.723 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created should ensure pruning labels are set [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:416 ------------------------------ • [0.397 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when a new Component with specified custom branch is created eventually leads to the PipelineRun status report at Checks tab [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:433 ------------------------------ • [46.856 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is updated eventually leads to triggering another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:458 Timeline >> created file sha: fa200585069ac45ddd8086958403baff0a86a0ca PipelineRun has not been created yet for the component build-e2e-fcrk/gl-test-custom-branch-tpwyhi << Timeline ------------------------------ • [0.187 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is updated should lead to a PaC init PR update [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:473 ------------------------------ • [500.459 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created the PipelineRun should eventually finish successfully [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:360 Timeline >> PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh found for Component build-e2e-ejpt/fj-test-custom-branch-eztadk PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh reason: Completed << Timeline ------------------------------ • [2.072 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:365 ------------------------------ • [0.283 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created created image repo is public [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:384 ------------------------------ • [0.821 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created image tag is updated successfully [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:390 Timeline >> Image tag quay.io/redhat-appstudio-qe/build-e2e-ejpt/fj-test-custom-branch-eztadk:on-pr-1428ef1526bb4446a3598c6f4a9c3b35fe8d8b07 successfully found in Quay << Timeline ------------------------------ • [1.840 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created should ensure pruning labels are set [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:416 ------------------------------ • [0.511 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when a new Component with specified custom branch is created eventually leads to the PipelineRun status report at Checks tab [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:433 ------------------------------ • [62.724 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is updated eventually leads to triggering another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:458 Timeline >> created file sha: ed7cd7a127eb63503601d199e529ec42af18fdb7 PipelineRun has not been created yet for the component build-e2e-ejpt/fj-test-custom-branch-eztadk << Timeline ------------------------------ • [0.262 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is updated should lead to a PaC init PR update [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:473 ------------------------------ • [921.716 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created the PipelineRun should eventually finish successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:360 Timeline >> PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d found for Component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun has not been created yet for the Component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-sbs8d reason: Completed << Timeline ------------------------------ • [1.682 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:365 ------------------------------ • [0.318 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created created image repo is public [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:384 ------------------------------ • [802.910 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for parent component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:274 Timeline >> PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj found for Component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun has not been created yet for the Component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Running PipelineRun gl-multi-component-parent-jbmm-on-pull-request-g86gj reason: Completed << Timeline ------------------------------ • [3.524 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created image tag is updated successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:390 Timeline >> Image tag quay.io/redhat-appstudio-qe/build-e2e-kxss/gh-test-custom-branch-xnefyl:on-pr-e9d17eb452cc506f2a474857ec89968cc12e2af7 successfully found in Quay << Timeline ------------------------------ • [1.933 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for child component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:285 Timeline >> PipelineRun gl-multi-component-child-jbmm-on-pull-request-2nhv9 found for Component build-e2e-yrhs/gl-multi-component-child-jbmm PipelineRun gl-multi-component-child-jbmm-on-pull-request-2nhv9 reason: Completed << Timeline ------------------------------ • [0.300 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace should lead to a PaC PR creation for child component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:289 ------------------------------ • [2.065 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created should ensure pruning labels are set [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:416 ------------------------------ • [0.525 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created eventually leads to the PipelineRun status report at Checks tab [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:433 ------------------------------ • [1.320 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace Merging the PaC PR should be successful for child component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:307 Timeline >> merged result sha: 9351ef72424b0862ddded9299649eff472acc869 for PR #1 << Timeline ------------------------------ • [66.529 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated eventually leads to triggering another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:458 Timeline >> created file sha: 390d176b6b063ae29a495650f521d24212f2332f PipelineRun has not been created yet for the component build-e2e-kxss/gh-test-custom-branch-xnefyl << Timeline ------------------------------ • [0.258 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated should lead to a PaC init PR update [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:473 ------------------------------ • [69.075 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace create dockerfile and yaml manifest that references build and distribution repositories [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:318 ------------------------------ • [0.222 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace should lead to a PaC PR creation for parent component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:358 ------------------------------ • [1.226 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace Merging the PaC PR should be successful for parent component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:375 Timeline >> merged result sha: 6ba416cd4ab05fe09b5965575d10efd4a80e2000 for PR #1 << Timeline ------------------------------ • [20.359 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace PR merge triggers PAC PipelineRun for parent component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:385 Timeline >> Push PipelineRun has not been created yet for the component build-e2e-yrhs/gl-multi-component-parent-jbmm << Timeline ------------------------------ • [1242.351 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:401 Timeline >> PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 found for Component build-e2e-ducy/fj-multi-component-parent-vojk PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: ResolvingTaskRef PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Running PipelineRun fj-multi-component-parent-vojk-on-push-nsgr7 reason: Completed << Timeline ------------------------------ • [FAILED] [1363.279 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is updated [It] PipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:492 Timeline >> PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq found for Component build-e2e-fcrk/gl-test-custom-branch-tpwyhi PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun has not been created yet for the Component build-e2e-fcrk/gl-test-custom-branch-tpwyhi PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: ResolvingTaskRef PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun has not been created yet for the Component build-e2e-fcrk/gl-test-custom-branch-tpwyhi PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Running PipelineRun gl-test-custom-branch-tpwyhi-on-pull-request-mcblq reason: Failed attempt 1/3: PipelineRun "gl-test-custom-branch-tpwyhi-on-pull-request-mcblq" failed: pod: gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz-init-pod | init container: prepare 2026/04/29 11:07:20 Entrypoint initialization pod: gl-test-custom-branch-tpwyhi-on-pull-request-lxjhz-init-pod | container step-init: time="2026-04-29T11:07:26Z" level=info msg="[param] enable: false" time="2026-04-29T11:07:26Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:07:26Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:07:26Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:07:26Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:07:26Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:07:26Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:07:26Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:07:26Z" level=info msg="[result] NO PROXY: " pod: gl-test-custom-branch-tpwyhi-on-pull-request-mcblq-init-pod | init container: prepare 2026/04/29 11:23:28 Entrypoint initialization pod: gl-test-custom-branch-tpwyhi-on-pull-request-mcblq-init-pod | container step-init: time="2026-04-29T11:26:54Z" level=info msg="[param] enable: false" time="2026-04-29T11:26:54Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:26:54Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:26:54Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:26:54Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:26:54Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:26:54Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:26:54Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:26:54Z" level=info msg="[result] NO PROXY: " [FAILED] in [It] - /workspace/source/test/e2e/pac_build.go:494 @ 04/29/26 11:35:32.308 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc001566890>: failed to delete PipelineRun "gl-test-custom-branch-tpwyhi-on-pull-request-mcblq" from "build-e2e-fcrk" namespace with error: Timeout: request did not complete within requested timeout - context deadline exceeded { s: "failed to delete PipelineRun \"gl-test-custom-branch-tpwyhi-on-pull-request-mcblq\" from \"build-e2e-fcrk\" namespace with error: Timeout: request did not complete within requested timeout - context deadline exceeded", } In [It] at: /workspace/source/test/e2e/pac_build.go:494 @ 04/29/26 11:35:32.308 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is updated [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:497 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:497 @ 04/29/26 11:36:50.991 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged [It] eventually leads to triggering another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:523 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:523 @ 04/29/26 11:36:50.992 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged [It] pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:539 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:539 @ 04/29/26 11:36:50.992 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged [It] does not have expiration set [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:545 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:545 @ 04/29/26 11:36:50.992 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged [It] After updating image visibility to private, it should not trigger another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:560 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:560 @ 04/29/26 11:36:50.993 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged [It] image repo is updated to private [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:590 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:590 @ 04/29/26 11:36:50.993 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:595 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:631 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the component is removed and recreated (with the same name in the same namespace) [It] should no longer lead to a creation of a PaC PR [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:701 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:701 @ 04/29/26 11:36:50.993 ------------------------------ • [365.852 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace should lead to a nudge PR creation for child component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:412 ------------------------------ • [1.988 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace merging the PR should be successful for child component [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:429 Timeline >> merged result sha: 8d51f27d0c8d146408cb40df03c97b5bceb98ab2 for PR #3 << Timeline ------------------------------ • [46.005 seconds] [build-service-suite Build service E2E tests] test git provider fj component update with renovate when components are created in same namespace Verify the nudge updated the contents [build-service, renovate, multi-component, forgejo] /workspace/source/test/e2e/renovate.go:440 Timeline >> Verifying Dockerfile.tmp updated to sha sha256:1bf88be86a621b59bcdea7adfb8dc4d21faa261eafb5bee2ae9059f4048f325acontent: FROM quay.io/redhat-appstudio-qe/build-e2e-ducy/fj-multi-component-parent-vojk@sha256:1bf88be86a621b59bcdea7adfb8dc4d21faa261eafb5bee2ae9059f4048f325a RUN echo hello << Timeline ------------------------------ • [FAILED] [2079.693 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:401 Timeline >> PipelineRun gh-multi-component-parent-qdry-on-push-2b46z found for Component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping PipelineRun gh-multi-component-parent-qdry-on-push-2b46z reason: PipelineRunStopping attempt 1/3: PipelineRun "gh-multi-component-parent-qdry-on-push-2b46z" failed: context deadline exceededNew PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 found after retrigger for component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 found for Component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 reason: PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 reason: PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-zfmq7 reason: Failed attempt 2/3: PipelineRun "gh-multi-component-parent-qdry-on-push-zfmq7" failed: pod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | init container: prepare 2026/04/29 11:06:16 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | container step-init: time="2026-04-29T11:06:19Z" level=info msg="[param] enable: false" time="2026-04-29T11:06:19Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:06:19Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:06:19Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:06:19Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:06:19Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:06:19Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:06:19Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:06:19Z" level=info msg="[result] NO PROXY: " pod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | init container: prepare 2026/04/29 11:33:39 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | container step-apply-additional-tags: time="2026-04-29T11:34:21Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry:6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f" time="2026-04-29T11:34:21Z" level=info msg="[param] digest: sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589" time="2026-04-29T11:34:21Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-29T11:34:22Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: prepare 2026/04/29 11:32:59 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: place-scripts 2026/04/29 11:33:14 Decoded script /tekton/scripts/script-0-8pcw5 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-1-k99l2 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-2-ghmvw 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-3-jvvln pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589. pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... 2026-04-29T11:34:39Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"}] 2026-04-29T11:34:39Z INF libvuln initialized component=libvuln/New 2026-04-29T11:34:41Z INF registered configured scanners component=libindex/New 2026-04-29T11:34:41Z INF NewLayerScanner: constructing a new layer-scanner component=indexer.NewLayerScanner 2026-04-29T11:34:41Z INF index request start component=libindex/Libindex.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 2026-04-29T11:34:41Z INF starting scan component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 2026-04-29T11:34:41Z INF manifest to be scanned component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=CheckManifest 2026-04-29T11:34:41Z INF layers fetch start component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers fetch success component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers fetch done component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers scan start component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=ScanLayers 2026-04-29T11:34:42Z INF layers scan done component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=ScanLayers 2026-04-29T11:34:42Z INF starting index manifest component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexManifest 2026-04-29T11:34:42Z INF finishing scan component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexFinished 2026-04-29T11:34:42Z INF manifest successfully scanned component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexFinished 2026-04-29T11:34:42Z INF index request done component=libindex/Libindex.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 { "manifest_hash": "sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589", "packages": { "+A7/nzEXX3Q/xJZ50VMnlQ==": { "id": "+A7/nzEXX3Q/xJZ50VMnlQ==", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+X1MdmtPTbyDb/wq7joJhA==": { "id": "+X1MdmtPTbyDb/wq7joJhA==", "name": "libtool-ltdl", "version": "2.4.6-46.el9", "kind": "binary", "source": { "id": "", "name": "libtool", "version": "2.4.6-46.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+bwl6UbMaWOBWdHNekJsEw==": { "id": "+bwl6UbMaWOBWdHNekJsEw==", "name": "coreutils-single", "version": "8.32-39.el9", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.32-39.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/L1kFEoHZTukrNTCQLypFQ==": { "id": "/L1kFEoHZTukrNTCQLypFQ==", "name": "xz-libs", "version": "5.2.5-8.el9_0", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.5-8.el9_0", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/O7rOBo1qRMFm3q3Kf3mEw==": { "id": "/O7rOBo1qRMFm3q3Kf3mEw==", "name": "libselinux", "version": "3.6-3.el9", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "3.6-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/h/TBQhfoSMCmey5oN87jA==": { "id": "/h/TBQhfoSMCmey5oN87jA==", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/ub7EE8Da46T0x7lRdlVJg==": { "id": "/ub7EE8Da46T0x7lRdlVJg==", "name": "libsmartcols", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0T19Aon0dgLleTpQjLWzKw==": { "id": "0T19Aon0dgLleTpQjLWzKw==", "name": "crypto-policies", "version": "20250128-1.git5269e22.el9", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20250128-1.git5269e22.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "1atoBfoH0mJ0bCpetQ7/0g==": { "id": "1atoBfoH0mJ0bCpetQ7/0g==", "name": "file-libs", "version": "5.39-16.el9", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.39-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "2gCbp4kt+cF44NF/LqukDg==": { "id": "2gCbp4kt+cF44NF/LqukDg==", "name": "pcre2-syntax", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "5+tHFkkNi+1rUDSrmgYdkw==": { "id": "5+tHFkkNi+1rUDSrmgYdkw==", "name": "p11-kit-trust", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5fhQlRzIg/IB8EVM2pFIZA==": { "id": "5fhQlRzIg/IB8EVM2pFIZA==", "name": "audit-libs", "version": "3.1.5-4.el9", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.1.5-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6WyRl8U3PR6ipKlxqlBzFA==": { "id": "6WyRl8U3PR6ipKlxqlBzFA==", "name": "ncurses-base", "version": "6.2-10.20210508.el9_6.2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-10.20210508.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "7cpIREEQnkaI7dbmWgmrvg==": { "id": "7cpIREEQnkaI7dbmWgmrvg==", "name": "gdbm-libs", "version": "1:1.23-1.el9", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.23-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7mDaaxs3ev+uNEDYC97U3Q==": { "id": "7mDaaxs3ev+uNEDYC97U3Q==", "name": "zlib", "version": "1.2.11-40.el9", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-40.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7ra56f21gLrcSpBD8a9+NQ==": { "id": "7ra56f21gLrcSpBD8a9+NQ==", "name": "libmount", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7vssDPaHKfFKMLimKBo7Gw==": { "id": "7vssDPaHKfFKMLimKBo7Gw==", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "binary", "source": { "id": "", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "8uME+PFu6p/OAD7q+ZTVLw==": { "id": "8uME+PFu6p/OAD7q+ZTVLw==", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9olIUlLHZMdoUMju+8diyQ==": { "id": "9olIUlLHZMdoUMju+8diyQ==", "name": "filesystem", "version": "3.16-5.el9", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.16-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BQhiFmX4hLYteW4oRCLTSA==": { "id": "BQhiFmX4hLYteW4oRCLTSA==", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BRLVvSCW1qZQlEQR2x48fQ==": { "id": "BRLVvSCW1qZQlEQR2x48fQ==", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "CpfomSYboaXPZ9yn9NgGgw==": { "id": "CpfomSYboaXPZ9yn9NgGgw==", "name": "krb5-libs", "version": "1.21.1-8.el9_6", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.21.1-8.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DrLq8qfU1bfE8o8AfdvkrQ==": { "id": "DrLq8qfU1bfE8o8AfdvkrQ==", "name": "libverto", "version": "0.3.2-3.el9", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.2-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FZ9gWulzkx76xjTSH/yM/g==": { "id": "FZ9gWulzkx76xjTSH/yM/g==", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FrUQI+koTfbikRk1jsFd0w==": { "id": "FrUQI+koTfbikRk1jsFd0w==", "name": "libstdc++", "version": "11.5.0-5.el9_5", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-5.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "G61ZL2SOHR2qgvQfi118gw==": { "id": "G61ZL2SOHR2qgvQfi118gw==", "name": "dejavu-sans-fonts", "version": "2.37-18.el9", "kind": "binary", "source": { "id": "", "name": "dejavu-fonts", "version": "2.37-18.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "HQdWvmyUSqtI3UTY0T4JiQ==": { "id": "HQdWvmyUSqtI3UTY0T4JiQ==", "name": "pcre", "version": "8.44-4.el9", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.44-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "I16VSEydeiRYB1TSf5694A==": { "id": "I16VSEydeiRYB1TSf5694A==", "name": "libreport-filesystem", "version": "2.15.2-6.el9", "kind": "binary", "source": { "id": "", "name": "libreport", "version": "2.15.2-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "IZ65O3ZOapykHwhaOX1/YA==": { "id": "IZ65O3ZOapykHwhaOX1/YA==", "name": "libnghttp2", "version": "1.43.0-6.el9", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.43.0-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JKP7JzVg7UGaAz4VrH03lQ==": { "id": "JKP7JzVg7UGaAz4VrH03lQ==", "name": "langpacks-core-font-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "KF5C+zKu/uFB7knCqOvDAQ==": { "id": "KF5C+zKu/uFB7knCqOvDAQ==", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "KXUGN6voGlWUMRN5TCFy4w==": { "id": "KXUGN6voGlWUMRN5TCFy4w==", "name": "systemd-libs", "version": "252-51.el9_6.2", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "252-51.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Lwqn0aweLQLZmo12VvYcog==": { "id": "Lwqn0aweLQLZmo12VvYcog==", "name": "popt", "version": "1.18-8.el9", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "M9YTWinowLqOqX/+8mbhjg==": { "id": "M9YTWinowLqOqX/+8mbhjg==", "name": "sqlite-libs", "version": "3.34.1-8.el9_6", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.34.1-8.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "MDH8Zt4oQWDiYk9qFV5Lbg==": { "id": "MDH8Zt4oQWDiYk9qFV5Lbg==", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NdCY2/S+syamLH224R4hug==": { "id": "NdCY2/S+syamLH224R4hug==", "name": "langpacks-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "O1acB+rpl9OLkk9I6phF7Q==": { "id": "O1acB+rpl9OLkk9I6phF7Q==", "name": "shadow-utils", "version": "2:4.9-12.el9", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.9-12.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OCIjbR16ktOEiFK36r0WNw==": { "id": "OCIjbR16ktOEiFK36r0WNw==", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OaFmq38HlbKLTTEM/qATzg==": { "id": "OaFmq38HlbKLTTEM/qATzg==", "name": "libcurl-minimal", "version": "7.76.1-31.el9_6.1", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-31.el9_6.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OgwdUybWl/HQYbnPTE4Psw==": { "id": "OgwdUybWl/HQYbnPTE4Psw==", "name": "npth", "version": "1.6-8.el9", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.6-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Ohssf0Jzlafd9vtrrUKCXg==": { "id": "Ohssf0Jzlafd9vtrrUKCXg==", "name": "bash", "version": "5.1.8-9.el9", "kind": "binary", "source": { "id": "", "name": "bash", "version": "5.1.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Om9zCJ/QZ+hnrEvj6fGw==": { "id": "P5Om9zCJ/QZ+hnrEvj6fGw==", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PIk2BBAWexCFofMi5q03RA==": { "id": "PIk2BBAWexCFofMi5q03RA==", "name": "pcre2", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PZXvGa4khHd2n6o73hJ/Pg==": { "id": "PZXvGa4khHd2n6o73hJ/Pg==", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "binary", "source": { "id": "", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RXh3fimX8fGZeCt4chJEiA==": { "id": "RXh3fimX8fGZeCt4chJEiA==", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "S8p9UGak1oycptcpYp/1eg==": { "id": "S8p9UGak1oycptcpYp/1eg==", "name": "openldap", "version": "2.6.8-4.el9", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.6.8-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "SjQtW3gQmgt+Qj8JlnY4Mg==": { "id": "SjQtW3gQmgt+Qj8JlnY4Mg==", "name": "libblkid", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Su8bfW9ijc0V5CiAum2V1g==": { "id": "Su8bfW9ijc0V5CiAum2V1g==", "name": "bzip2-libs", "version": "1.0.8-10.el9_5", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.8-10.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TPIRq84Pr3a6ywzPeCr3Pw==": { "id": "TPIRq84Pr3a6ywzPeCr3Pw==", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "To0NR+oyXDu1CYJfmVGurQ==": { "id": "To0NR+oyXDu1CYJfmVGurQ==", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VV2Z1ngTs6sGvt5SrayPCg==": { "id": "VV2Z1ngTs6sGvt5SrayPCg==", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VX9V+Y680L2xf2tBREdpCw==": { "id": "VX9V+Y680L2xf2tBREdpCw==", "name": "gmp", "version": "1:6.2.0-13.el9", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.2.0-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "WtG8AvirpmNJ8wVE+fxfGQ==": { "id": "WtG8AvirpmNJ8wVE+fxfGQ==", "name": "libxml2", "version": "2.9.13-12.el9_6", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.13-12.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XG5+bW8np2NedSy/od6z8Q==": { "id": "XG5+bW8np2NedSy/od6z8Q==", "name": "libacl", "version": "2.3.1-4.el9", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.3.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XJlS+gwEt7T+nNr/Bflqzg==": { "id": "XJlS+gwEt7T+nNr/Bflqzg==", "name": "glibc-minimal-langpack", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XMkvB1ljVS0bNTUu2UEs3g==": { "id": "XMkvB1ljVS0bNTUu2UEs3g==", "name": "libgcc", "version": "11.5.0-5.el9_5", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-5.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XwbkaIGCYyq6BjBMVZ1wzw==": { "id": "XwbkaIGCYyq6BjBMVZ1wzw==", "name": "readline", "version": "8.1-4.el9", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ZabCZVOpeuHGnRiGdzqBig==": { "id": "ZabCZVOpeuHGnRiGdzqBig==", "name": "openssl-fips-provider-so", "version": "3.0.7-6.el9_5", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "arLt5War9yeQ8auYn/Idmw==": { "id": "arLt5War9yeQ8auYn/Idmw==", "name": "nettle", "version": "3.10.1-1.el9", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.10.1-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ayTA+mXRKgSCRl5LaqP4/w==": { "id": "ayTA+mXRKgSCRl5LaqP4/w==", "name": "glib2", "version": "2.68.4-16.el9_6.2", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.68.4-16.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bFvWffGqJWr7FWnI7K9NVw==": { "id": "bFvWffGqJWr7FWnI7K9NVw==", "name": "grep", "version": "3.6-5.el9", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.6-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bemGVBhbDe9iV1Kjvd9hAA==": { "id": "bemGVBhbDe9iV1Kjvd9hAA==", "name": "libffi", "version": "3.4.2-8.el9", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.4.2-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bgzKs6bbeWeXxcqE+n7Jog==": { "id": "bgzKs6bbeWeXxcqE+n7Jog==", "name": "libsepol", "version": "3.6-2.el9", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "3.6-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dC9CoYt17eaqinGSVCfCxw==": { "id": "dC9CoYt17eaqinGSVCfCxw==", "name": "libattr", "version": "2.5.1-3.el9", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.5.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "de44cUqF23LvU0fOSvNRjA==": { "id": "de44cUqF23LvU0fOSvNRjA==", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "binary", "source": { "id": "", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dpQG/pUwAqVv1OdQqnvylQ==": { "id": "dpQG/pUwAqVv1OdQqnvylQ==", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eK3V3oi6vbIfOQRAcWBYDw==": { "id": "eK3V3oi6vbIfOQRAcWBYDw==", "name": "glibc-common", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eRa7MZyiHBvsv7GPhkGKdg==": { "id": "eRa7MZyiHBvsv7GPhkGKdg==", "name": "lua-libs", "version": "5.4.4-4.el9", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.4.4-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eaygsCP+5IpdIryvw94Tcw==": { "id": "eaygsCP+5IpdIryvw94Tcw==", "name": "rootfiles", "version": "8.1-34.el9", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-34.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f8lJd/yoDqE6O0RUQGqkpQ==": { "id": "f8lJd/yoDqE6O0RUQGqkpQ==", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gsKPriszRNKAqMnHK+dXgw==": { "id": "gsKPriszRNKAqMnHK+dXgw==", "name": "libksba", "version": "1.5.1-7.el9", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.5.1-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hYEisV19Dxn4PvCvxJFm5A==": { "id": "hYEisV19Dxn4PvCvxJFm5A==", "name": "lz4-libs", "version": "1.9.3-5.el9", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.9.3-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iTD/lpKAM3AZEWh+zVx2tg==": { "id": "iTD/lpKAM3AZEWh+zVx2tg==", "name": "librepo", "version": "1.14.5-2.el9", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.5-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iVtx1BX52G3zRfk+g/oWIg==": { "id": "iVtx1BX52G3zRfk+g/oWIg==", "name": "openssl-libs", "version": "1:3.2.2-6.el9_5.1", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "3.2.2-6.el9_5.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iaJm7Mdk9UadnBII0ZwMeA==": { "id": "iaJm7Mdk9UadnBII0ZwMeA==", "name": "dnf-data", "version": "4.14.0-25.el9", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.14.0-25.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "izPQpATHYfezyT+kcua/tQ==": { "id": "izPQpATHYfezyT+kcua/tQ==", "name": "gnutls", "version": "3.8.3-6.el9_6.2", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.8.3-6.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jAjaNW7NMGiv7HfByDu4RQ==": { "id": "jAjaNW7NMGiv7HfByDu4RQ==", "name": "alternatives", "version": "1.24-2.el9", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.24-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kAEPeyZOK/FwFoG6mOFUbQ==": { "id": "kAEPeyZOK/FwFoG6mOFUbQ==", "name": "libcap", "version": "2.48-9.el9_2", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-9.el9_2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kFxhSjWy84mTZBM4XiZaeQ==": { "id": "kFxhSjWy84mTZBM4XiZaeQ==", "name": "setup", "version": "2.13.7-10.el9", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.13.7-10.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kgbITSeRtKiT7enG8buGXw==": { "id": "kgbITSeRtKiT7enG8buGXw==", "name": "libcom_err", "version": "1.46.5-7.el9", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kigiD4fuysu8/DeCr+ONKQ==": { "id": "kigiD4fuysu8/DeCr+ONKQ==", "name": "basesystem", "version": "11-13.el9", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kp6BaioAZ30jbVeZkkzokA==": { "id": "kp6BaioAZ30jbVeZkkzokA==", "name": "libzstd", "version": "1.5.5-1.el9", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.5.5-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kvpHJLhsWpgEBJjx168pDg==": { "id": "kvpHJLhsWpgEBJjx168pDg==", "name": "tzdata", "version": "2025b-1.el9", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2025b-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "lI6hCbIwETVhCFhL4BxyiQ==": { "id": "lI6hCbIwETVhCFhL4BxyiQ==", "name": "libdnf", "version": "0.69.0-13.el9", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.69.0-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lad8JH31WlI0MsNEYhUWlA==": { "id": "lad8JH31WlI0MsNEYhUWlA==", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mDM1q1sl0PqUWEn54kTSRw==": { "id": "mDM1q1sl0PqUWEn54kTSRw==", "name": "curl-minimal", "version": "7.76.1-31.el9_6.1", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-31.el9_6.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mK/FUfODp3MR7WS2xegPsw==": { "id": "mK/FUfODp3MR7WS2xegPsw==", "name": "langpacks-core-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "mPqGnMbiXN6jP61aGbHvOA==": { "id": "mPqGnMbiXN6jP61aGbHvOA==", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nzQEyt4JfkGeZIIHPiBhog==": { "id": "nzQEyt4JfkGeZIIHPiBhog==", "name": "libuuid", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nzlusFbkan5h1d1Ks+BKBQ==": { "id": "nzlusFbkan5h1d1Ks+BKBQ==", "name": "ncurses-libs", "version": "6.2-10.20210508.el9_6.2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-10.20210508.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pYM7mYzFYUjRrK74RyhfOw==": { "id": "pYM7mYzFYUjRrK74RyhfOw==", "name": "redhat-release", "version": "9.6-0.1.el9", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "9.6-0.1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "qYSZ6aKFWol313IOGRXaug==": { "id": "qYSZ6aKFWol313IOGRXaug==", "name": "json-c", "version": "0.14-11.el9", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.14-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rCLp3m64Catai9VuHvh3Lw==": { "id": "rCLp3m64Catai9VuHvh3Lw==", "name": "keyutils-libs", "version": "1.6.3-1.el9", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.6.3-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rY/kE/V4JnxYoqV+lmc9mg==": { "id": "rY/kE/V4JnxYoqV+lmc9mg==", "name": "gawk", "version": "5.1.0-6.el9", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "5.1.0-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rlHYqOr0lkUB/Gs6b1kD2g==": { "id": "rlHYqOr0lkUB/Gs6b1kD2g==", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ssPaV1VLDu6d5ZJ6Rrmh3A==": { "id": "ssPaV1VLDu6d5ZJ6Rrmh3A==", "name": "sed", "version": "4.8-9.el9", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sx0C6L5COHIkv6yQQyPlbw==": { "id": "sx0C6L5COHIkv6yQQyPlbw==", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u5TyEoU5GA6Z2czzwhMLiA==": { "id": "u5TyEoU5GA6Z2czzwhMLiA==", "name": "fonts-filesystem", "version": "1:2.0.5-7.el9.1", "kind": "binary", "source": { "id": "", "name": "fonts-rpm-macros", "version": "2.0.5-7.el9.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "v3i4ez5juML2ZWwR+6dFFg==": { "id": "v3i4ez5juML2ZWwR+6dFFg==", "name": "gnupg2", "version": "2.3.3-4.el9", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.3.3-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "wCA3gMNtInqX1xg18QcnQg==": { "id": "wCA3gMNtInqX1xg18QcnQg==", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wfJGCqOH8d+IYg/dAepx1A==": { "id": "wfJGCqOH8d+IYg/dAepx1A==", "name": "libarchive", "version": "3.5.3-6.el9_6", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.5.3-6.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "x4oijVhQU8BUwJwoFvk4QA==": { "id": "x4oijVhQU8BUwJwoFvk4QA==", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xSopjH0yPtbnx33MBmtmuA==": { "id": "xSopjH0yPtbnx33MBmtmuA==", "name": "rpm-libs", "version": "4.16.1.3-37.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xhMgwxa+ubXlCA6s9XfRgw==": { "id": "xhMgwxa+ubXlCA6s9XfRgw==", "name": "cyrus-sasl-lib", "version": "2.1.27-21.el9", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yEp9fQVFIQAEDPCwC3GLmA==": { "id": "yEp9fQVFIQAEDPCwC3GLmA==", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zPvTALB8qlNtHa1j2iT5Zg==": { "id": "zPvTALB8qlNtHa1j2iT5Zg==", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "a1752d98-cb05-46e0-851e-94da612c34c2": { "id": "a1752d98-cb05-46e0-851e-94da612c34c2", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "9", "version_code_name": "", "version_id": "9", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 9" } }, "repository": { "70dd5db6-1003-4918-9d8a-ec0132a674d1": { "id": "70dd5db6-1003-4918-9d8a-ec0132a674d1", "name": "cpe:/a:redhat:enterprise_linux:9::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "8b5329d2-a935-4bac-a139-24b7beeac3ed": { "id": "8b5329d2-a935-4bac-a139-24b7beeac3ed", "name": "cpe:/o:redhat:enterprise_linux:9::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" } }, "environments": { "+A7/nzEXX3Q/xJZ50VMnlQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "+X1MdmtPTbyDb/wq7joJhA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "+bwl6UbMaWOBWdHNekJsEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/L1kFEoHZTukrNTCQLypFQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/O7rOBo1qRMFm3q3Kf3mEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/h/TBQhfoSMCmey5oN87jA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/ub7EE8Da46T0x7lRdlVJg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "0T19Aon0dgLleTpQjLWzKw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "1atoBfoH0mJ0bCpetQ7/0g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "2gCbp4kt+cF44NF/LqukDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "5+tHFkkNi+1rUDSrmgYdkw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "5fhQlRzIg/IB8EVM2pFIZA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "6WyRl8U3PR6ipKlxqlBzFA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7cpIREEQnkaI7dbmWgmrvg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7mDaaxs3ev+uNEDYC97U3Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7ra56f21gLrcSpBD8a9+NQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7vssDPaHKfFKMLimKBo7Gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "8uME+PFu6p/OAD7q+ZTVLw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "9olIUlLHZMdoUMju+8diyQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "BQhiFmX4hLYteW4oRCLTSA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "BRLVvSCW1qZQlEQR2x48fQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "CpfomSYboaXPZ9yn9NgGgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "DrLq8qfU1bfE8o8AfdvkrQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "FZ9gWulzkx76xjTSH/yM/g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "FrUQI+koTfbikRk1jsFd0w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "G61ZL2SOHR2qgvQfi118gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "HQdWvmyUSqtI3UTY0T4JiQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "I16VSEydeiRYB1TSf5694A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "IZ65O3ZOapykHwhaOX1/YA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "JKP7JzVg7UGaAz4VrH03lQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "KF5C+zKu/uFB7knCqOvDAQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "KXUGN6voGlWUMRN5TCFy4w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Lwqn0aweLQLZmo12VvYcog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "M9YTWinowLqOqX/+8mbhjg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "MDH8Zt4oQWDiYk9qFV5Lbg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "NdCY2/S+syamLH224R4hug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "O1acB+rpl9OLkk9I6phF7Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OCIjbR16ktOEiFK36r0WNw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OaFmq38HlbKLTTEM/qATzg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OgwdUybWl/HQYbnPTE4Psw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Ohssf0Jzlafd9vtrrUKCXg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "PIk2BBAWexCFofMi5q03RA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "PZXvGa4khHd2n6o73hJ/Pg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "RXh3fimX8fGZeCt4chJEiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "S8p9UGak1oycptcpYp/1eg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "SjQtW3gQmgt+Qj8JlnY4Mg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Su8bfW9ijc0V5CiAum2V1g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "TPIRq84Pr3a6ywzPeCr3Pw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "To0NR+oyXDu1CYJfmVGurQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "VV2Z1ngTs6sGvt5SrayPCg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "VX9V+Y680L2xf2tBREdpCw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "WtG8AvirpmNJ8wVE+fxfGQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XG5+bW8np2NedSy/od6z8Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XJlS+gwEt7T+nNr/Bflqzg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XMkvB1ljVS0bNTUu2UEs3g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XwbkaIGCYyq6BjBMVZ1wzw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ZabCZVOpeuHGnRiGdzqBig==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "arLt5War9yeQ8auYn/Idmw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ayTA+mXRKgSCRl5LaqP4/w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bFvWffGqJWr7FWnI7K9NVw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bemGVBhbDe9iV1Kjvd9hAA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bgzKs6bbeWeXxcqE+n7Jog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "dC9CoYt17eaqinGSVCfCxw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "de44cUqF23LvU0fOSvNRjA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "dpQG/pUwAqVv1OdQqnvylQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eK3V3oi6vbIfOQRAcWBYDw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eRa7MZyiHBvsv7GPhkGKdg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eaygsCP+5IpdIryvw94Tcw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "f8lJd/yoDqE6O0RUQGqkpQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "gsKPriszRNKAqMnHK+dXgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "hYEisV19Dxn4PvCvxJFm5A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iTD/lpKAM3AZEWh+zVx2tg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iVtx1BX52G3zRfk+g/oWIg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iaJm7Mdk9UadnBII0ZwMeA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "izPQpATHYfezyT+kcua/tQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "jAjaNW7NMGiv7HfByDu4RQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kAEPeyZOK/FwFoG6mOFUbQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kFxhSjWy84mTZBM4XiZaeQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kgbITSeRtKiT7enG8buGXw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kigiD4fuysu8/DeCr+ONKQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kp6BaioAZ30jbVeZkkzokA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kvpHJLhsWpgEBJjx168pDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "lI6hCbIwETVhCFhL4BxyiQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "lad8JH31WlI0MsNEYhUWlA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mDM1q1sl0PqUWEn54kTSRw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mK/FUfODp3MR7WS2xegPsw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mPqGnMbiXN6jP61aGbHvOA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "nzQEyt4JfkGeZIIHPiBhog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "nzlusFbkan5h1d1Ks+BKBQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "pYM7mYzFYUjRrK74RyhfOw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "qYSZ6aKFWol313IOGRXaug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rCLp3m64Catai9VuHvh3Lw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rY/kE/V4JnxYoqV+lmc9mg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rlHYqOr0lkUB/Gs6b1kD2g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ssPaV1VLDu6d5ZJ6Rrmh3A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "sx0C6L5COHIkv6yQQyPlbw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "u5TyEoU5GA6Z2czzwhMLiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "v3i4ez5juML2ZWwR+6dFFg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "wCA3gMNtInqX1xg18QcnQg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "wfJGCqOH8d+IYg/dAepx1A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "x4oijVhQU8BUwJwoFvk4QA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "xSopjH0yPtbnx33MBmtmuA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "xhMgwxa+ubXlCA6s9XfRgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "yEp9fQVFIQAEDPCwC3GLmA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "zPvTALB8qlNtHa1j2iT5Zg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ] }, "vulnerabilities": { "+U7CyAHaY71mhNm2Xnq2uw==": { "id": "+U7CyAHaY71mhNm2Xnq2uw==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "+UOyQgpOAnrWS+mVMK5k1Q==": { "id": "+UOyQgpOAnrWS+mVMK5k1Q==", "updater": "rhel-vex", "name": "CVE-2026-0861", "description": "A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.", "issued": "2026-01-14T21:01:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0861 https://bugzilla.redhat.com/show_bug.cgi?id=2429771 https://www.cve.org/CVERecord?id=CVE-2026-0861 https://nvd.nist.gov/vuln/detail/CVE-2026-0861 https://sourceware.org/bugzilla/show_bug.cgi?id=33796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0861.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "/A7M1zrsMND1dKjg2gEuyg==": { "id": "/A7M1zrsMND1dKjg2gEuyg==", "updater": "rhel-vex", "name": "CVE-2026-5450", "description": "A flaw was found in glibc (GNU C Library). This vulnerability occurs when an application uses the `scanf` family of functions with a `%mc` format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination can lead to a one-byte heap buffer overflow, potentially allowing an attacker to corrupt memory.", "issued": "2026-04-20T20:55:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5450 https://bugzilla.redhat.com/show_bug.cgi?id=2459853 https://www.cve.org/CVERecord?id=CVE-2026-5450 https://nvd.nist.gov/vuln/detail/CVE-2026-5450 https://inbox.sourceware.org/libc-announce/b11f0003-6ec1-4bd6-b9de-9e38a4efeca3@redhat.com/T/#u https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2026-5450 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5450.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/jvSCV2RwJ6c/Llx9z8uvA==": { "id": "/jvSCV2RwJ6c/Llx9z8uvA==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "0E1VjQWdmolR9lr9ElIZZQ==": { "id": "0E1VjQWdmolR9lr9ElIZZQ==", "updater": "rhel-vex", "name": "CVE-2026-28389", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28389 https://bugzilla.redhat.com/show_bug.cgi?id=2451096 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28389.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1/8/Mjb4nleg0SsOivHAww==": { "id": "1/8/Mjb4nleg0SsOivHAww==", "updater": "rhel-vex", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "2025-11-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9820 https://bugzilla.redhat.com/show_bug.cgi?id=2392528 https://www.cve.org/CVERecord?id=CVE-2025-9820 https://nvd.nist.gov/vuln/detail/CVE-2025-9820 https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5 https://gitlab.com/gnutls/gnutls/-/issues/1732 https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9820.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "1hhG+RKT0fsxlS/Wf/LWEA==": { "id": "1hhG+RKT0fsxlS/Wf/LWEA==", "updater": "rhel-vex", "name": "CVE-2026-0861", "description": "A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.", "issued": "2026-01-14T21:01:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0861 https://bugzilla.redhat.com/show_bug.cgi?id=2429771 https://www.cve.org/CVERecord?id=CVE-2026-0861 https://nvd.nist.gov/vuln/detail/CVE-2026-0861 https://sourceware.org/bugzilla/show_bug.cgi?id=33796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0861.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "1npmxgSnoYj2MyAhQMaE7g==": { "id": "1npmxgSnoYj2MyAhQMaE7g==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2TDjlt2gAEWsLyBBPigFYw==": { "id": "2TDjlt2gAEWsLyBBPigFYw==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3UNcgW64Eji4iyY2ZDB1cg==": { "id": "3UNcgW64Eji4iyY2ZDB1cg==", "updater": "rhel-vex", "name": "CVE-2026-3783", "description": "A flaw was found in curl. When an OAuth2 bearer token is used for an HTTP(S) transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the `.netrc` file, allowing the bearer token intended for the first host to be sent to the redirected host. This information disclosure could allow an attacker to gain unauthorized access.", "issued": "2026-03-11T10:09:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3783 https://bugzilla.redhat.com/show_bug.cgi?id=2446450 https://www.cve.org/CVERecord?id=CVE-2026-3783 https://nvd.nist.gov/vuln/detail/CVE-2026-3783 http://www.openwall.com/lists/oss-security/2026/03/11/2 https://curl.se/docs/CVE-2026-3783.html https://curl.se/docs/CVE-2026-3783.json https://hackerone.com/reports/3583983 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3783.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3bb0a18NQSPWO0aeq9twVw==": { "id": "3bb0a18NQSPWO0aeq9twVw==", "updater": "rhel-vex", "name": "CVE-2025-69419", "description": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69419 https://bugzilla.redhat.com/show_bug.cgi?id=2430386 https://www.cve.org/CVERecord?id=CVE-2025-69419 https://nvd.nist.gov/vuln/detail/CVE-2025-69419 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69419.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "429KD7e1Cl6AyUZNBGOTQw==": { "id": "429KD7e1Cl6AyUZNBGOTQw==", "updater": "rhel-vex", "name": "CVE-2025-9230", "description": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://www.cve.org/CVERecord?id=CVE-2025-9230 https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json https://access.redhat.com/errata/RHSA-2025:21255", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-4.el9_7", "arch_op": "pattern match" }, "4u3exWl+MPcCOYOgbQLM+A==": { "id": "4u3exWl+MPcCOYOgbQLM+A==", "updater": "rhel-vex", "name": "CVE-2025-69419", "description": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69419 https://bugzilla.redhat.com/show_bug.cgi?id=2430386 https://www.cve.org/CVERecord?id=CVE-2025-69419 https://nvd.nist.gov/vuln/detail/CVE-2025-69419 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69419.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "59oEBlU3jh6EL6gtZDUaug==": { "id": "59oEBlU3jh6EL6gtZDUaug==", "updater": "rhel-vex", "name": "CVE-2026-4437", "description": "A flaw was found in glibc (the GNU C Library). When an application uses the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can cause the application to incorrectly interpret a non-answer section of the DNS response as a valid answer, leading to potential misbehavior or incorrect information processing.", "issued": "2026-03-20T19:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4437 https://bugzilla.redhat.com/show_bug.cgi?id=2449777 https://www.cve.org/CVERecord?id=CVE-2026-4437 https://nvd.nist.gov/vuln/detail/CVE-2026-4437 https://sourceware.org/bugzilla/show_bug.cgi?id=34014 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4437.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5BksN0izCeDRrtFMsNCyvg==": { "id": "5BksN0izCeDRrtFMsNCyvg==", "updater": "rhel-vex", "name": "CVE-2025-9232", "description": "A flaw was found in the OpenSSL HTTP client API no_proxy handling. This vulnerability allows an application level denial of service (application crash) via an attacker-controlled IPv6 URL when the no_proxy environment variable is set.", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9232 https://bugzilla.redhat.com/show_bug.cgi?id=2396056 https://www.cve.org/CVERecord?id=CVE-2025-9232 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9232.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5amguv6OT1njd8r+RXMCQQ==": { "id": "5amguv6OT1njd8r+RXMCQQ==", "updater": "rhel-vex", "name": "CVE-2025-66199", "description": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66199 https://bugzilla.redhat.com/show_bug.cgi?id=2430379 https://www.cve.org/CVERecord?id=CVE-2025-66199 https://nvd.nist.gov/vuln/detail/CVE-2025-66199 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66199.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "6hAQW3vY9ZA/8datv1rY4g==": { "id": "6hAQW3vY9ZA/8datv1rY4g==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6rEIsdyQtCC456AuGwgsDQ==": { "id": "6rEIsdyQtCC456AuGwgsDQ==", "updater": "rhel-vex", "name": "CVE-2025-15079", "description": "A flaw was found in curl. When performing SSH-based transfers using SCP or SFTP, libcurl could mistakenly connect to hosts not listed in the user-specified knownhosts file. This occurs if the host is present in the libssh global knownhosts file, effectively bypassing the intended host verification. This could allow a remote attacker to connect to an untrusted host, potentially leading to information disclosure or man-in-the-middle attacks.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15079 https://bugzilla.redhat.com/show_bug.cgi?id=2426409 https://www.cve.org/CVERecord?id=CVE-2025-15079 https://nvd.nist.gov/vuln/detail/CVE-2025-15079 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15079.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "76mWuVYhbmIFsc4DNorK9A==": { "id": "76mWuVYhbmIFsc4DNorK9A==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "76z9Mpn8Jp7lhZSPsHTHug==": { "id": "76z9Mpn8Jp7lhZSPsHTHug==", "updater": "rhel-vex", "name": "CVE-2025-68973", "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", "issued": "2025-12-28T16:19:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68973 https://bugzilla.redhat.com/show_bug.cgi?id=2425966 https://www.cve.org/CVERecord?id=CVE-2025-68973 https://nvd.nist.gov/vuln/detail/CVE-2025-68973 https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 https://gpg.fail/memcpy https://news.ycombinator.com/item?id=46403200 https://www.openwall.com/lists/oss-security/2025/12/28/5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68973.json https://access.redhat.com/errata/RHSA-2026:0719", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.3.3-5.el9_7", "arch_op": "pattern match" }, "78ARTcr/iVbEbtXWNEyadA==": { "id": "78ARTcr/iVbEbtXWNEyadA==", "updater": "rhel-vex", "name": "CVE-2025-15467", "description": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.", "issued": "2026-01-27T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15467 https://bugzilla.redhat.com/show_bug.cgi?id=2430376 https://www.cve.org/CVERecord?id=CVE-2025-15467 https://nvd.nist.gov/vuln/detail/CVE-2025-15467 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "7aI+wyLEqkIPj2Wh4f1UKg==": { "id": "7aI+wyLEqkIPj2Wh4f1UKg==", "updater": "rhel-vex", "name": "CVE-2026-40356", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40356 https://bugzilla.redhat.com/show_bug.cgi?id=2463368 https://www.cve.org/CVERecord?id=CVE-2026-40356 https://nvd.nist.gov/vuln/detail/CVE-2026-40356 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40356.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7eKrcl3YwGJqhWmZNbH7Eg==": { "id": "7eKrcl3YwGJqhWmZNbH7Eg==", "updater": "rhel-vex", "name": "CVE-2025-11187", "description": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11187 https://bugzilla.redhat.com/show_bug.cgi?id=2430375 https://www.cve.org/CVERecord?id=CVE-2025-11187 https://nvd.nist.gov/vuln/detail/CVE-2025-11187 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11187.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "8MfvwX+dRI6Qt2H+x71rZg==": { "id": "8MfvwX+dRI6Qt2H+x71rZg==", "updater": "rhel-vex", "name": "CVE-2025-15224", "description": "A flaw was found in libcurl. When doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15224 https://bugzilla.redhat.com/show_bug.cgi?id=2426410 https://www.cve.org/CVERecord?id=CVE-2025-15224 https://nvd.nist.gov/vuln/detail/CVE-2025-15224 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15224.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZCpE1M7eqNdy615aO2gLQ==": { "id": "8ZCpE1M7eqNdy615aO2gLQ==", "updater": "rhel-vex", "name": "CVE-2026-0992", "description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0992 https://bugzilla.redhat.com/show_bug.cgi?id=2429975 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://nvd.nist.gov/vuln/detail/CVE-2026-0992 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0992.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8kndQj/aRn+NNJdGVP9v4g==": { "id": "8kndQj/aRn+NNJdGVP9v4g==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9bjl4H6CMWLL3h1g5y6i9Q==": { "id": "9bjl4H6CMWLL3h1g5y6i9Q==", "updater": "rhel-vex", "name": "CVE-2026-5928", "description": "A flaw was found in glibc (GNU C Library). When the `ungetwc` function is called on a file stream using wide characters with specific overlapping single-byte and multi-byte encodings, it may attempt to read data outside of its allocated buffer. This can lead to the unintentional disclosure of sensitive information from memory or cause the program to crash, resulting in a denial of service.", "issued": "2026-04-20T20:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5928 https://bugzilla.redhat.com/show_bug.cgi?id=2459854 https://www.cve.org/CVERecord?id=CVE-2026-5928 https://nvd.nist.gov/vuln/detail/CVE-2026-5928 https://sourceware.org/bugzilla/show_bug.cgi?id=33998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5928.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9iigvnuYDaC8UzcOIDLjIQ==": { "id": "9iigvnuYDaC8UzcOIDLjIQ==", "updater": "rhel-vex", "name": "CVE-2026-24883", "description": "A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service (DoS), making the GnuPG application unavailable to legitimate users.", "issued": "2026-01-27T18:43:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24883 https://bugzilla.redhat.com/show_bug.cgi?id=2433463 https://www.cve.org/CVERecord?id=CVE-2026-24883 https://nvd.nist.gov/vuln/detail/CVE-2026-24883 https://dev.gnupg.org/T8049 https://www.openwall.com/lists/oss-security/2026/01/27/8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24883.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AD3UsMwxeXvBzVWIm5l5yw==": { "id": "AD3UsMwxeXvBzVWIm5l5yw==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AUiFITCnRjRxctzqqbDeeA==": { "id": "AUiFITCnRjRxctzqqbDeeA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Argl342WI7oZtgSo+p9kMA==": { "id": "Argl342WI7oZtgSo+p9kMA==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "AwYRRq6SmgfJLn2NZxQUdw==": { "id": "AwYRRq6SmgfJLn2NZxQUdw==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BheYJlsY7UG2Ru8eF1IU4g==": { "id": "BheYJlsY7UG2Ru8eF1IU4g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libmount", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "D7U85Qc3CYAscEzhSfT76A==": { "id": "D7U85Qc3CYAscEzhSfT76A==", "updater": "rhel-vex", "name": "CVE-2025-15467", "description": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.", "issued": "2026-01-27T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15467 https://bugzilla.redhat.com/show_bug.cgi?id=2430376 https://www.cve.org/CVERecord?id=CVE-2025-15467 https://nvd.nist.gov/vuln/detail/CVE-2025-15467 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "DDxCHnX+kCqcRQj9b90/cg==": { "id": "DDxCHnX+kCqcRQj9b90/cg==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DTApvRZh1HJD5XbbpU3ahw==": { "id": "DTApvRZh1HJD5XbbpU3ahw==", "updater": "rhel-vex", "name": "CVE-2026-1757", "description": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.", "issued": "2026-02-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1757 https://bugzilla.redhat.com/show_bug.cgi?id=2435940 https://www.cve.org/CVERecord?id=CVE-2026-1757 https://nvd.nist.gov/vuln/detail/CVE-2026-1757 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DrIVK8+yvV91OzF2CS9o5A==": { "id": "DrIVK8+yvV91OzF2CS9o5A==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json https://access.redhat.com/errata/RHSA-2025:22660", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.7", "arch_op": "pattern match" }, "Eh3WlvVSpgyvj1kaA5So7g==": { "id": "Eh3WlvVSpgyvj1kaA5So7g==", "updater": "rhel-vex", "name": "CVE-2025-13601", "description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "issued": "2025-11-24T13:00:15Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13601 https://bugzilla.redhat.com/show_bug.cgi?id=2416741 https://www.cve.org/CVERecord?id=CVE-2025-13601 https://nvd.nist.gov/vuln/detail/CVE-2025-13601 https://gitlab.gnome.org/GNOME/glib/-/issues/3827 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13601.json https://access.redhat.com/errata/RHSA-2026:0936", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.68.4-18.el9_7.1", "arch_op": "pattern match" }, "Ez8lHT2uV9Tf9vJC/T4WXg==": { "id": "Ez8lHT2uV9Tf9vJC/T4WXg==", "updater": "rhel-vex", "name": "CVE-2026-4426", "description": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4426 https://bugzilla.redhat.com/show_bug.cgi?id=2449010 https://www.cve.org/CVERecord?id=CVE-2026-4426 https://nvd.nist.gov/vuln/detail/CVE-2026-4426 https://github.com/libarchive/libarchive/pull/2897 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4426.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "F4WBuBnk4OQIl1a5Q4CVPg==": { "id": "F4WBuBnk4OQIl1a5Q4CVPg==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FLpBF1y0CvCfFuXOmlaRZw==": { "id": "FLpBF1y0CvCfFuXOmlaRZw==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json https://access.redhat.com/errata/RHSA-2025:22376", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.13-14.el9_7", "arch_op": "pattern match" }, "FQwXyPZ+oHyxQZ9RBQXbpw==": { "id": "FQwXyPZ+oHyxQZ9RBQXbpw==", "updater": "rhel-vex", "name": "CVE-2025-13034", "description": "A flaw was found in curl. When configured to use public key pinning with QUIC connections and GnuTLS, and with standard certificate verification explicitly disabled, curl could bypass the intended public key check. This oversight allows a malicious server to impersonate a legitimate one, potentially leading to unauthorized access or information disclosure due to a failure in verifying the server's identity.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13034 https://bugzilla.redhat.com/show_bug.cgi?id=2426406 https://www.cve.org/CVERecord?id=CVE-2025-13034 https://nvd.nist.gov/vuln/detail/CVE-2025-13034 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13034.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GAn7gWUe2pFr7PbwechqxA==": { "id": "GAn7gWUe2pFr7PbwechqxA==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GWKQvGJTKzyU9GiQECoFhg==": { "id": "GWKQvGJTKzyU9GiQECoFhg==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "HxI42iSjURjRki+uV6q/9w==": { "id": "HxI42iSjURjRki+uV6q/9w==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Ie7rkr8oApZOM9PK2gFB6A==": { "id": "Ie7rkr8oApZOM9PK2gFB6A==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IrRjtVOpf04EO7iAKFAznQ==": { "id": "IrRjtVOpf04EO7iAKFAznQ==", "updater": "rhel-vex", "name": "CVE-2026-0915", "description": "A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system's `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.", "issued": "2026-01-15T22:08:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0915 https://bugzilla.redhat.com/show_bug.cgi?id=2430201 https://www.cve.org/CVERecord?id=CVE-2026-0915 https://nvd.nist.gov/vuln/detail/CVE-2026-0915 https://sourceware.org/bugzilla/show_bug.cgi?id=33802 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0915.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "Iy2V+5RC7ENxxmnS9KdBOw==": { "id": "Iy2V+5RC7ENxxmnS9KdBOw==", "updater": "rhel-vex", "name": "CVE-2026-0915", "description": "A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system's `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.", "issued": "2026-01-15T22:08:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0915 https://bugzilla.redhat.com/show_bug.cgi?id=2430201 https://www.cve.org/CVERecord?id=CVE-2026-0915 https://nvd.nist.gov/vuln/detail/CVE-2026-0915 https://sourceware.org/bugzilla/show_bug.cgi?id=33802 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0915.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "JK4fCJz1Ja5lmfE/vF5PcQ==": { "id": "JK4fCJz1Ja5lmfE/vF5PcQ==", "updater": "rhel-vex", "name": "CVE-2025-66199", "description": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66199 https://bugzilla.redhat.com/show_bug.cgi?id=2430379 https://www.cve.org/CVERecord?id=CVE-2025-66199 https://nvd.nist.gov/vuln/detail/CVE-2025-66199 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66199.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "JqWXvYyB4T300h7KRcWtFA==": { "id": "JqWXvYyB4T300h7KRcWtFA==", "updater": "rhel-vex", "name": "CVE-2025-13601", "description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "issued": "2025-11-24T13:00:15Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13601 https://bugzilla.redhat.com/show_bug.cgi?id=2416741 https://www.cve.org/CVERecord?id=CVE-2025-13601 https://nvd.nist.gov/vuln/detail/CVE-2025-13601 https://gitlab.gnome.org/GNOME/glib/-/issues/3827 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13601.json https://access.redhat.com/errata/RHSA-2026:0936", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.68.4-18.el9_7.1", "arch_op": "pattern match" }, "Jrkns8qeStFRPhcitcuZ4w==": { "id": "Jrkns8qeStFRPhcitcuZ4w==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "KCgZ2MK707GRfjAO2Q3SOA==": { "id": "KCgZ2MK707GRfjAO2Q3SOA==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "KMGV9rbVZ/vVUNSX6f+JqA==": { "id": "KMGV9rbVZ/vVUNSX6f+JqA==", "updater": "rhel-vex", "name": "CVE-2026-4111", "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.", "issued": "2026-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://www.cve.org/CVERecord?id=CVE-2026-4111 https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://github.com/libarchive/libarchive/pull/2877 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4111.json https://access.redhat.com/errata/RHSA-2026:5080", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-7.el9_7", "arch_op": "pattern match" }, "Kqq2xlybjD/tOLmQWu2xPw==": { "id": "Kqq2xlybjD/tOLmQWu2xPw==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L1pkWyFlg006sdV2pKTg4A==": { "id": "L1pkWyFlg006sdV2pKTg4A==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-fips-provider", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LeWRqc+lggRL8KnG53e6CA==": { "id": "LeWRqc+lggRL8KnG53e6CA==", "updater": "rhel-vex", "name": "CVE-2025-6965", "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "issued": "2025-07-15T13:44:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6965 https://bugzilla.redhat.com/show_bug.cgi?id=2380149 https://www.cve.org/CVERecord?id=CVE-2025-6965 https://nvd.nist.gov/vuln/detail/CVE-2025-6965 https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6965.json https://access.redhat.com/errata/RHSA-2025:20936", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.34.1-9.el9_7", "arch_op": "pattern match" }, "Lhc4n2a9ma6eRDB/RCRmLQ==": { "id": "Lhc4n2a9ma6eRDB/RCRmLQ==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "LuirMfnv2JkWFEU8MUuKUQ==": { "id": "LuirMfnv2JkWFEU8MUuKUQ==", "updater": "rhel-vex", "name": "CVE-2025-13151", "description": "A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the `asn1_expend_octet_string` function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service (DoS) condition, making the affected system or application unavailable.", "issued": "2026-01-07T21:14:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13151 https://bugzilla.redhat.com/show_bug.cgi?id=2427698 https://www.cve.org/CVERecord?id=CVE-2025-13151 https://nvd.nist.gov/vuln/detail/CVE-2025-13151 https://gitlab.com/gnutls/libtasn1 https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13151.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LxYgcRll4fEnbCHHZWt4BA==": { "id": "LxYgcRll4fEnbCHHZWt4BA==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "M293c+QguJ/aaYP3cMwfyQ==": { "id": "M293c+QguJ/aaYP3cMwfyQ==", "updater": "rhel-vex", "name": "CVE-2026-28388", "description": "A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28388 https://bugzilla.redhat.com/show_bug.cgi?id=2451097 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28388.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MT27FBW6q+x91HBvTyGVKQ==": { "id": "MT27FBW6q+x91HBvTyGVKQ==", "updater": "rhel-vex", "name": "CVE-2026-4046", "description": "A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the `iconv()` function. This could lead to an assertion failure, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-30T17:16:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4046 https://bugzilla.redhat.com/show_bug.cgi?id=2453117 https://www.cve.org/CVERecord?id=CVE-2026-4046 https://nvd.nist.gov/vuln/detail/CVE-2026-4046 https://packages.fedoraproject.org/pkgs/glibc/glibc-gconv-extra/ https://sourceware.org/bugzilla/show_bug.cgi?id=33980 https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4046.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "N7otM4CJgwQwy0Mz0UA3Vw==": { "id": "N7otM4CJgwQwy0Mz0UA3Vw==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "NrTzMmbWyM5UeSvnQVNLOg==": { "id": "NrTzMmbWyM5UeSvnQVNLOg==", "updater": "rhel-vex", "name": "CVE-2026-0988", "description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://www.cve.org/CVERecord?id=CVE-2026-0988 https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://gitlab.gnome.org/GNOME/glib/-/issues/3851 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0988.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OB9n4NdBrq+3wlcM9+90Dg==": { "id": "OB9n4NdBrq+3wlcM9+90Dg==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "PUCpgzV2LGcCb5yPJbawGw==": { "id": "PUCpgzV2LGcCb5yPJbawGw==", "updater": "rhel-vex", "name": "CVE-2025-68973", "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", "issued": "2025-12-28T16:19:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68973 https://bugzilla.redhat.com/show_bug.cgi?id=2425966 https://www.cve.org/CVERecord?id=CVE-2025-68973 https://nvd.nist.gov/vuln/detail/CVE-2025-68973 https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 https://gpg.fail/memcpy https://news.ycombinator.com/item?id=46403200 https://www.openwall.com/lists/oss-security/2025/12/28/5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68973.json https://access.redhat.com/errata/RHSA-2026:0719", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.3.3-5.el9_7", "arch_op": "pattern match" }, "PrCrIesi0sSvMQjPpvxecw==": { "id": "PrCrIesi0sSvMQjPpvxecw==", "updater": "rhel-vex", "name": "CVE-2025-14512", "description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14512 https://bugzilla.redhat.com/show_bug.cgi?id=2421339 https://www.cve.org/CVERecord?id=CVE-2025-14512 https://nvd.nist.gov/vuln/detail/CVE-2025-14512 https://gitlab.gnome.org/GNOME/glib/-/issues/3845 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14512.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Pza9Y2xtH9MChVMkZwgw2A==": { "id": "Pza9Y2xtH9MChVMkZwgw2A==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q6o565VsHFcmyuOW6jCOGw==": { "id": "Q6o565VsHFcmyuOW6jCOGw==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "QSP4YGVknCXnnhDrDAxftg==": { "id": "QSP4YGVknCXnnhDrDAxftg==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json https://access.redhat.com/errata/RHSA-2025:22660", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.7", "arch_op": "pattern match" }, "Qbjoqw6Ot3cGOKNyQYBo4g==": { "id": "Qbjoqw6Ot3cGOKNyQYBo4g==", "updater": "rhel-vex", "name": "CVE-2025-14087", "description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093 https://www.cve.org/CVERecord?id=CVE-2025-14087 https://nvd.nist.gov/vuln/detail/CVE-2025-14087 https://gitlab.gnome.org/GNOME/glib/-/issues/3834 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14087.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QskDoDnTSvrQeDXklM4YOw==": { "id": "QskDoDnTSvrQeDXklM4YOw==", "updater": "rhel-vex", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "2026-03-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4105 https://bugzilla.redhat.com/show_bug.cgi?id=2447262 https://www.cve.org/CVERecord?id=CVE-2026-4105 https://nvd.nist.gov/vuln/detail/CVE-2026-4105 https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4105.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RHShqbO2hqcBNPYbKDg/3A==": { "id": "RHShqbO2hqcBNPYbKDg/3A==", "updater": "rhel-vex", "name": "CVE-2026-6732", "description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.", "issued": "2026-04-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6732 https://bugzilla.redhat.com/show_bug.cgi?id=2461300 https://www.cve.org/CVERecord?id=CVE-2026-6732 https://nvd.nist.gov/vuln/detail/CVE-2026-6732 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1097 https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6732.json", "severity": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S5Dzz9cigoJDCj8s5UcT0g==": { "id": "S5Dzz9cigoJDCj8s5UcT0g==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SYSyRuW2vXdWcXLSfRP1aQ==": { "id": "SYSyRuW2vXdWcXLSfRP1aQ==", "updater": "rhel-vex", "name": "CVE-2025-15281", "description": "A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.", "issued": "2026-01-20T13:22:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15281 https://bugzilla.redhat.com/show_bug.cgi?id=2431196 https://www.cve.org/CVERecord?id=CVE-2025-15281 https://nvd.nist.gov/vuln/detail/CVE-2025-15281 https://sourceware.org/bugzilla/show_bug.cgi?id=33814 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15281.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "T+jfDhqJcXwVQ38oWEz/6g==": { "id": "T+jfDhqJcXwVQ38oWEz/6g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libsmartcols", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "TccjTp2Y8sTyWrjrm24IKA==": { "id": "TccjTp2Y8sTyWrjrm24IKA==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libmount", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "TwoNniaY2Urt7TF64epJXg==": { "id": "TwoNniaY2Urt7TF64epJXg==", "updater": "rhel-vex", "name": "CVE-2026-31790", "description": "A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without proper validation. Consequently, the application might send the contents of an uninitialized memory buffer, which could contain confidential information, to the attacker.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31790 https://bugzilla.redhat.com/show_bug.cgi?id=2451094 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31790.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VWEbeFnFOHy1IkG21b5a5g==": { "id": "VWEbeFnFOHy1IkG21b5a5g==", "updater": "rhel-vex", "name": "CVE-2023-30571", "description": "A vulnerability was found in libarchive. This issue can cause a race condition in a multi-threaded use of archive_write_disk_header() on posix based systems, which could allow implicit directory creation with permissions 777, without sticky bit, which means any low privileged user on the system can delete and rename files inside those directories.", "issued": "2023-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-30571 https://bugzilla.redhat.com/show_bug.cgi?id=2210921 https://www.cve.org/CVERecord?id=CVE-2023-30571 https://nvd.nist.gov/vuln/detail/CVE-2023-30571 https://access.redhat.com/solutions/7033331 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-30571.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VYGbkY0i6P3tRJd9mM1wNg==": { "id": "VYGbkY0i6P3tRJd9mM1wNg==", "updater": "rhel-vex", "name": "CVE-2026-1489", "description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1489 https://bugzilla.redhat.com/show_bug.cgi?id=2433348 https://www.cve.org/CVERecord?id=CVE-2026-1489 https://nvd.nist.gov/vuln/detail/CVE-2026-1489 https://gitlab.gnome.org/GNOME/glib/-/issues/3872 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1489.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VzbOWZs6Sa8zFH+GQEnasQ==": { "id": "VzbOWZs6Sa8zFH+GQEnasQ==", "updater": "rhel-vex", "name": "CVE-2026-4878", "description": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.", "issued": "2026-04-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2451615 https://www.cve.org/CVERecord?id=CVE-2026-4878 https://nvd.nist.gov/vuln/detail/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2447554 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libcap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WP0Zjo/ORuC7+jbSIrru8A==": { "id": "WP0Zjo/ORuC7+jbSIrru8A==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "WVv0x6iWhzRgZZTPZ190Ng==": { "id": "WVv0x6iWhzRgZZTPZ190Ng==", "updater": "rhel-vex", "name": "CVE-2026-28386", "description": "A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequent page is unmapped. This can lead to an out-of-bounds read of up to 15 bytes and a potential application crash.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28386 https://bugzilla.redhat.com/show_bug.cgi?id=2451099 https://www.cve.org/CVERecord?id=CVE-2026-28386 https://nvd.nist.gov/vuln/detail/CVE-2026-28386 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28386.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WxO9le6q4ACTs4KnSuckDw==": { "id": "WxO9le6q4ACTs4KnSuckDw==", "updater": "rhel-vex", "name": "CVE-2024-56433", "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "issued": "2024-12-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56433 https://bugzilla.redhat.com/show_bug.cgi?id=2334165 https://www.cve.org/CVERecord?id=CVE-2024-56433 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56433.json https://access.redhat.com/errata/RHSA-2025:20559", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "2:4.9-15.el9", "arch_op": "pattern match" }, "X7DmUVoCri5i6vdYVBBgXg==": { "id": "X7DmUVoCri5i6vdYVBBgXg==", "updater": "rhel-vex", "name": "CVE-2026-1965", "description": "A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the authentication of a previous user, leading to an authentication bypass.", "issued": "2026-03-11T10:08:52Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1965 https://bugzilla.redhat.com/show_bug.cgi?id=2446448 https://www.cve.org/CVERecord?id=CVE-2026-1965 https://nvd.nist.gov/vuln/detail/CVE-2026-1965 https://curl.se/docs/CVE-2026-1965.html https://curl.se/docs/CVE-2026-1965.json https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1965.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XPUXyp+BOEJyEGOgXafi8Q==": { "id": "XPUXyp+BOEJyEGOgXafi8Q==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in libiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XdzUGUJMTsfPfs79OXKU4Q==": { "id": "XdzUGUJMTsfPfs79OXKU4Q==", "updater": "rhel-vex", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "2026-02-09T14:26:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14831 https://bugzilla.redhat.com/show_bug.cgi?id=2423177 https://www.cve.org/CVERecord?id=CVE-2025-14831 https://nvd.nist.gov/vuln/detail/CVE-2025-14831 https://gitlab.com/gnutls/gnutls/-/issues/1773 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14831.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "YIlv6HIDfGqvZL/MDTWWpg==": { "id": "YIlv6HIDfGqvZL/MDTWWpg==", "updater": "rhel-vex", "name": "CVE-2026-3805", "description": "A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.", "issued": "2026-03-11T10:09:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3805 https://bugzilla.redhat.com/show_bug.cgi?id=2446451 https://www.cve.org/CVERecord?id=CVE-2026-3805 https://nvd.nist.gov/vuln/detail/CVE-2026-3805 http://www.openwall.com/lists/oss-security/2026/03/11/4 https://curl.se/docs/CVE-2026-3805.html https://curl.se/docs/CVE-2026-3805.json https://hackerone.com/reports/3591944 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3805.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YX2rGofSXHBcNhTOGpNkAA==": { "id": "YX2rGofSXHBcNhTOGpNkAA==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "YtNpM5pykErH+UBXZABWdg==": { "id": "YtNpM5pykErH+UBXZABWdg==", "updater": "rhel-vex", "name": "CVE-2026-28390", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T22:00:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28390.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a9FllBAJiFi5FeYl0KG4aQ==": { "id": "a9FllBAJiFi5FeYl0KG4aQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "aOUfuyvyyWEe7Z1IZT+fGw==": { "id": "aOUfuyvyyWEe7Z1IZT+fGw==", "updater": "rhel-vex", "name": "CVE-2026-34743", "description": "A flaw was found in XZ Utils. When the `lzma_index_decoder()` function processes an empty index, and a subsequent `lzma_index_append()` operation is performed, insufficient memory is allocated. This can lead to a buffer overflow, potentially causing a denial of service (DoS) for affected systems.", "issued": "2026-04-02T18:36:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34743 https://bugzilla.redhat.com/show_bug.cgi?id=2454589 https://www.cve.org/CVERecord?id=CVE-2026-34743 https://nvd.nist.gov/vuln/detail/CVE-2026-34743 https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87 https://github.com/tukaani-project/xz/releases/tag/v5.8.3 https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34743.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "xz", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "bOC69k4Gpn8Av1w/ra2Tdw==": { "id": "bOC69k4Gpn8Av1w/ra2Tdw==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libuuid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "bgJs7DKkcMwNTsh9yTDgQg==": { "id": "bgJs7DKkcMwNTsh9yTDgQg==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libblkid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "bjyLMZdYnkrpUxDySiQ34Q==": { "id": "bjyLMZdYnkrpUxDySiQ34Q==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "bugTfOdgCaATW4vTnuXTSQ==": { "id": "bugTfOdgCaATW4vTnuXTSQ==", "updater": "rhel-vex", "name": "CVE-2025-70873", "description": "A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.", "issued": "2026-03-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-70873 https://bugzilla.redhat.com/show_bug.cgi?id=2447086 https://www.cve.org/CVERecord?id=CVE-2025-70873 https://nvd.nist.gov/vuln/detail/CVE-2025-70873 https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054 https://sqlite.org/forum/forumpost/761eac3c82 https://sqlite.org/src/info/3d459f1fb1bd1b5e https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-70873.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "d/522T+B/ARMNSG+3QfAWA==": { "id": "d/522T+B/ARMNSG+3QfAWA==", "updater": "rhel-vex", "name": "CVE-2026-22185", "description": "A flaw was found in OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load. When processing malformed input, a local attacker can exploit a heap buffer underflow vulnerability in the readline() function. This can lead to an out-of-bounds read, potentially causing a denial of service (DoS) and limited disclosure of heap memory contents.", "issued": "2026-01-07T20:26:30Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22185 https://bugzilla.redhat.com/show_bug.cgi?id=2427679 https://www.cve.org/CVERecord?id=CVE-2026-22185 https://nvd.nist.gov/vuln/detail/CVE-2026-22185 https://seclists.org/fulldisclosure/2026/Jan/5 https://seclists.org/fulldisclosure/2026/Jan/8 https://www.openldap.org/ https://www.vulncheck.com/advisories/openldap-lmdb-mdb-load-heap-buffer-underflow-in-readline https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22185.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openldap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e/EuZlSZUQTHCSl8kHuFag==": { "id": "e/EuZlSZUQTHCSl8kHuFag==", "updater": "rhel-vex", "name": "CVE-2025-11187", "description": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11187 https://bugzilla.redhat.com/show_bug.cgi?id=2430375 https://www.cve.org/CVERecord?id=CVE-2025-11187 https://nvd.nist.gov/vuln/detail/CVE-2025-11187 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11187.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "e0/Fzu8wfMZp9zX32i9rMQ==": { "id": "e0/Fzu8wfMZp9zX32i9rMQ==", "updater": "rhel-vex", "name": "CVE-2026-27456", "description": "A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the `mount` program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use (TOCTOU) window where an attacker can substitute the intended file with a malicious symbolic link. This allows a local unprivileged user to mount any root-owned file or block device that contains a valid filesystem, gaining full read access to its contents.", "issued": "2026-04-03T21:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27456 https://bugzilla.redhat.com/show_bug.cgi?id=2454956 https://www.cve.org/CVERecord?id=CVE-2026-27456 https://nvd.nist.gov/vuln/detail/CVE-2026-27456 https://github.com/util-linux/util-linux/commit/5e390467b26a3cf3fecc04e1a0d482dff3162fc4 https://github.com/util-linux/util-linux/releases/tag/v2.41.4 https://github.com/util-linux/util-linux/security/advisories/GHSA-qq4x-vfq4-9h9g https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27456.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e0VfCD1REapdkagkByCnXQ==": { "id": "e0VfCD1REapdkagkByCnXQ==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eUh0vSDVmqXTnsB7jL0b4g==": { "id": "eUh0vSDVmqXTnsB7jL0b4g==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "f6oGdnhZomBa/bs3snB3kA==": { "id": "f6oGdnhZomBa/bs3snB3kA==", "updater": "rhel-vex", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "2026-02-09T14:26:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14831 https://bugzilla.redhat.com/show_bug.cgi?id=2423177 https://www.cve.org/CVERecord?id=CVE-2025-14831 https://nvd.nist.gov/vuln/detail/CVE-2025-14831 https://gitlab.com/gnutls/gnutls/-/issues/1773 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14831.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "fFM0zIKtKuexRqlZMkzQpg==": { "id": "fFM0zIKtKuexRqlZMkzQpg==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "g6ZHihkpvpkr3oZoVOs05w==": { "id": "g6ZHihkpvpkr3oZoVOs05w==", "updater": "rhel-vex", "name": "CVE-2025-6965", "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "issued": "2025-07-15T13:44:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6965 https://bugzilla.redhat.com/show_bug.cgi?id=2380149 https://www.cve.org/CVERecord?id=CVE-2025-6965 https://nvd.nist.gov/vuln/detail/CVE-2025-6965 https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6965.json https://access.redhat.com/errata/RHSA-2025:20936", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.34.1-9.el9_7", "arch_op": "pattern match" }, "hHDtCxiuvJ9VSCSwnEG0Fw==": { "id": "hHDtCxiuvJ9VSCSwnEG0Fw==", "updater": "rhel-vex", "name": "CVE-2026-27135", "description": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).", "issued": "2026-03-18T17:59:02Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27135 https://bugzilla.redhat.com/show_bug.cgi?id=2448754 https://www.cve.org/CVERecord?id=CVE-2026-27135 https://nvd.nist.gov/vuln/detail/CVE-2026-27135 https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27135.json https://access.redhat.com/errata/RHSA-2026:7668", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libnghttp2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.43.0-6.el9_7.1", "arch_op": "pattern match" }, "iF/o4aDbQf1DAw7R+LiVQw==": { "id": "iF/o4aDbQf1DAw7R+LiVQw==", "updater": "rhel-vex", "name": "CVE-2025-68972", "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", "issued": "2025-12-27T22:52:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68972 https://bugzilla.redhat.com/show_bug.cgi?id=2425646 https://www.cve.org/CVERecord?id=CVE-2025-68972 https://nvd.nist.gov/vuln/detail/CVE-2025-68972 https://gpg.fail/formfeed https://news.ycombinator.com/item?id=46404339 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68972.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ija3h8P09PxwjEuLSUS2HA==": { "id": "ija3h8P09PxwjEuLSUS2HA==", "updater": "rhel-vex", "name": "CVE-2026-4438", "description": "A flaw was found in the GNU C library (glibc). When applications use the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.", "issued": "2026-03-20T19:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4438 https://bugzilla.redhat.com/show_bug.cgi?id=2449783 https://www.cve.org/CVERecord?id=CVE-2026-4438 https://nvd.nist.gov/vuln/detail/CVE-2026-4438 https://sourceware.org/bugzilla/show_bug.cgi?id=34015 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4438.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ixD2h349uZz3eCy55KxIlw==": { "id": "ixD2h349uZz3eCy55KxIlw==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "ixc06f0H9vqMfsbwQSwwvA==": { "id": "ixc06f0H9vqMfsbwQSwwvA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j/vFtwZCr4ow5q2VPKgR9g==": { "id": "j/vFtwZCr4ow5q2VPKgR9g==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "jiVVTQmOtKqVixv7agF/Hg==": { "id": "jiVVTQmOtKqVixv7agF/Hg==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "klH60uFrR0WkawaSlcOEKg==": { "id": "klH60uFrR0WkawaSlcOEKg==", "updater": "rhel-vex", "name": "CVE-2026-1484", "description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259 https://www.cve.org/CVERecord?id=CVE-2026-1484 https://nvd.nist.gov/vuln/detail/CVE-2026-1484 https://gitlab.gnome.org/GNOME/glib/-/issues/3870 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1484.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "l1pK1ezh6e0g8I+Dp2iK7w==": { "id": "l1pK1ezh6e0g8I+Dp2iK7w==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "l6IrI73Pg+lrisEtcgX+0Q==": { "id": "l6IrI73Pg+lrisEtcgX+0Q==", "updater": "rhel-vex", "name": "CVE-2026-3784", "description": "A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker gaining unauthorized access to resources or information intended for a different user.", "issued": "2026-03-11T10:09:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3784 https://bugzilla.redhat.com/show_bug.cgi?id=2446449 https://www.cve.org/CVERecord?id=CVE-2026-3784 https://nvd.nist.gov/vuln/detail/CVE-2026-3784 http://www.openwall.com/lists/oss-security/2026/03/11/3 https://curl.se/docs/CVE-2026-3784.html https://curl.se/docs/CVE-2026-3784.json https://hackerone.com/reports/3584903 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3784.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lQBARBTddFvexevUD04GZA==": { "id": "lQBARBTddFvexevUD04GZA==", "updater": "rhel-vex", "name": "CVE-2026-5745", "description": "A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare \"d\" or \"default\" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5745 https://bugzilla.redhat.com/show_bug.cgi?id=2455921 https://www.cve.org/CVERecord?id=CVE-2026-5745 https://nvd.nist.gov/vuln/detail/CVE-2026-5745 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5745.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lppk3oI+Rm/KVCEYBGVKcg==": { "id": "lppk3oI+Rm/KVCEYBGVKcg==", "updater": "rhel-vex", "name": "CVE-2026-40355", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40355 https://bugzilla.redhat.com/show_bug.cgi?id=2463370 https://www.cve.org/CVERecord?id=CVE-2026-40355 https://nvd.nist.gov/vuln/detail/CVE-2026-40355 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40355.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mJw+LvAbCoVMIOZXCXNFpg==": { "id": "mJw+LvAbCoVMIOZXCXNFpg==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mYgwcPpa/l0bTZdysqbplg==": { "id": "mYgwcPpa/l0bTZdysqbplg==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json https://access.redhat.com/errata/RHSA-2025:22376", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.13-14.el9_7", "arch_op": "pattern match" }, "mZCCwO//htsOIXazj/SeOw==": { "id": "mZCCwO//htsOIXazj/SeOw==", "updater": "rhel-vex", "name": "CVE-2026-31789", "description": "A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31789 https://bugzilla.redhat.com/show_bug.cgi?id=2451095 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31789.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ncqqUTuMttuUZ8SF9/Ywrg==": { "id": "ncqqUTuMttuUZ8SF9/Ywrg==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "oqSc7q4k6wTno/u9knscCQ==": { "id": "oqSc7q4k6wTno/u9knscCQ==", "updater": "rhel-vex", "name": "CVE-2024-9681", "description": "A vulnerability was found in curl. When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than intended.", "issued": "2024-11-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9681 https://bugzilla.redhat.com/show_bug.cgi?id=2322969 https://www.cve.org/CVERecord?id=CVE-2024-9681 https://nvd.nist.gov/vuln/detail/CVE-2024-9681 https://hackerone.com/reports/2764830 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9681.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qFIYjZJeFnLAVC7lR0n6oQ==": { "id": "qFIYjZJeFnLAVC7lR0n6oQ==", "updater": "rhel-vex", "name": "CVE-2026-0989", "description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0989 https://bugzilla.redhat.com/show_bug.cgi?id=2429933 https://www.cve.org/CVERecord?id=CVE-2026-0989 https://nvd.nist.gov/vuln/detail/CVE-2026-0989 https://gitlab.gnome.org/GNOME/libxml2/-/issues/998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0989.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rz/CPeG1fPitayrSa0BFxQ==": { "id": "rz/CPeG1fPitayrSa0BFxQ==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "sJNoOKrtqJYf9M2tWcTlqg==": { "id": "sJNoOKrtqJYf9M2tWcTlqg==", "updater": "rhel-vex", "name": "CVE-2025-15281", "description": "A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.", "issued": "2026-01-20T13:22:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15281 https://bugzilla.redhat.com/show_bug.cgi?id=2431196 https://www.cve.org/CVERecord?id=CVE-2025-15281 https://nvd.nist.gov/vuln/detail/CVE-2025-15281 https://sourceware.org/bugzilla/show_bug.cgi?id=33814 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15281.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "smB1yCGhBb8gDhPAER7odg==": { "id": "smB1yCGhBb8gDhPAER7odg==", "updater": "rhel-vex", "name": "CVE-2025-14524", "description": "A flaw was found in curl. When an OAuth2 (Open Authorization) bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a different scheme like IMAP, LDAP, POP3, or SMTP, curl might incorrectly pass the bearer token to the new target host. This could lead to information disclosure, where sensitive authentication tokens are exposed to unintended recipients.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14524 https://bugzilla.redhat.com/show_bug.cgi?id=2426407 https://www.cve.org/CVERecord?id=CVE-2025-14524 https://nvd.nist.gov/vuln/detail/CVE-2025-14524 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14524.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "svCt47J2Zwa45xj8gn3U/w==": { "id": "svCt47J2Zwa45xj8gn3U/w==", "updater": "rhel-vex", "name": "CVE-2026-1485", "description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1485 https://bugzilla.redhat.com/show_bug.cgi?id=2433325 https://www.cve.org/CVERecord?id=CVE-2026-1485 https://nvd.nist.gov/vuln/detail/CVE-2026-1485 https://gitlab.gnome.org/GNOME/glib/-/issues/3871 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1485.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sykv+pGN4TXggZNIwL/H4g==": { "id": "sykv+pGN4TXggZNIwL/H4g==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tbhLz74i3ShwS72WbIsoOA==": { "id": "tbhLz74i3ShwS72WbIsoOA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u0cs09LPRVEEfen4PHM6gA==": { "id": "u0cs09LPRVEEfen4PHM6gA==", "updater": "rhel-vex", "name": "CVE-2026-0990", "description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0990 https://bugzilla.redhat.com/show_bug.cgi?id=2429959 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://nvd.nist.gov/vuln/detail/CVE-2026-0990 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0990.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u90uEyQ6vxfKeIQvjGNTHQ==": { "id": "u90uEyQ6vxfKeIQvjGNTHQ==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "uWz4SaM79VpO4EPAy+0C8g==": { "id": "uWz4SaM79VpO4EPAy+0C8g==", "updater": "rhel-vex", "name": "CVE-2026-5435", "description": "A flaw was found in glibc, the GNU C Library. Specifically, deprecated functions responsible for printing TSIG (Transaction Signature) records fail to properly manage memory buffers. This oversight can lead to an out-of-bounds write when processing specially crafted TSIG records. An attacker could exploit this to cause a denial of service or potentially execute arbitrary code.", "issued": "2026-04-28T11:58:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5435 https://bugzilla.redhat.com/show_bug.cgi?id=2463465 https://www.cve.org/CVERecord?id=CVE-2026-5435 https://nvd.nist.gov/vuln/detail/CVE-2026-5435 https://inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/#u https://sourceware.org/bugzilla/show_bug.cgi?id=34033 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5435.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uaetuJImncB6wudykQLpEA==": { "id": "uaetuJImncB6wudykQLpEA==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior. This bug does not compromise the integrity or availability of the base system.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uu3d3lIlYVCZwOjqoNec3g==": { "id": "uu3d3lIlYVCZwOjqoNec3g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libblkid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "vQmd/px1n2vUjUceHOjVLA==": { "id": "vQmd/px1n2vUjUceHOjVLA==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vtpIIEEoAREfzDi0+K26Fg==": { "id": "vtpIIEEoAREfzDi0+K26Fg==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "xxrOMZzPk7ETmnvrIjBo0A==": { "id": "xxrOMZzPk7ETmnvrIjBo0A==", "updater": "rhel-vex", "name": "CVE-2025-60753", "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", "issued": "2025-11-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-60753 https://bugzilla.redhat.com/show_bug.cgi?id=2412648 https://www.cve.org/CVERecord?id=CVE-2025-60753 https://nvd.nist.gov/vuln/detail/CVE-2025-60753 https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753 https://github.com/libarchive/libarchive/issues/2725 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-60753.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "y/3qWQj3xOUQpm2CUr+ftg==": { "id": "y/3qWQj3xOUQpm2CUr+ftg==", "updater": "rhel-vex", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "2025-11-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9820 https://bugzilla.redhat.com/show_bug.cgi?id=2392528 https://www.cve.org/CVERecord?id=CVE-2025-9820 https://nvd.nist.gov/vuln/detail/CVE-2025-9820 https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5 https://gitlab.com/gnutls/gnutls/-/issues/1732 https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9820.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "y7I268PAr74OoToX85XE8w==": { "id": "y7I268PAr74OoToX85XE8w==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "yUucg71orzE08FiDgaKBPQ==": { "id": "yUucg71orzE08FiDgaKBPQ==", "updater": "rhel-vex", "name": "CVE-2025-9230", "description": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://www.cve.org/CVERecord?id=CVE-2025-9230 https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json https://access.redhat.com/errata/RHSA-2025:21255", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-4.el9_7", "arch_op": "pattern match" }, "ymKqobod4xPivmLT/iq9oQ==": { "id": "ymKqobod4xPivmLT/iq9oQ==", "updater": "rhel-vex", "name": "CVE-2026-41990", "description": "A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a bounds check when writing to a static array. While the data involved is not directly controlled by an attacker, this vulnerability could lead to memory corruption, potentially resulting in a denial of service (DoS) or affecting data integrity.", "issued": "2026-04-23T04:39:04Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41990 https://bugzilla.redhat.com/show_bug.cgi?id=2461068 https://www.cve.org/CVERecord?id=CVE-2026-41990 https://nvd.nist.gov/vuln/detail/CVE-2026-41990 https://dev.gnupg.org/T8208 https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.html https://www.openwall.com/lists/oss-security/2026/04/21/1 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41990.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yzZzF1vLZmeTiLJMgY7W0Q==": { "id": "yzZzF1vLZmeTiLJMgY7W0Q==", "updater": "rhel-vex", "name": "CVE-2025-7039", "description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "issued": "2025-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-7039 https://bugzilla.redhat.com/show_bug.cgi?id=2392423 https://www.cve.org/CVERecord?id=CVE-2025-7039 https://nvd.nist.gov/vuln/detail/CVE-2025-7039 https://gitlab.gnome.org/GNOME/glib/-/issues/3716 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-7039.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "z/beWyrkyrQJfgGCkMIsWg==": { "id": "z/beWyrkyrQJfgGCkMIsWg==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libsmartcols", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "zmNQpHydwXFAJmLcFFYiyQ==": { "id": "zmNQpHydwXFAJmLcFFYiyQ==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libuuid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "znnZtQrOfSxqGV/OZKzI5g==": { "id": "znnZtQrOfSxqGV/OZKzI5g==", "updater": "rhel-vex", "name": "CVE-2026-4111", "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.", "issued": "2026-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://www.cve.org/CVERecord?id=CVE-2026-4111 https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://github.com/libarchive/libarchive/pull/2877 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4111.json https://access.redhat.com/errata/RHSA-2026:5080", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-7.el9_7", "arch_op": "pattern match" }, "zqGJegkbTlVqcHBa6HtRTQ==": { "id": "zqGJegkbTlVqcHBa6HtRTQ==", "updater": "rhel-vex", "name": "CVE-2025-14017", "description": "A flaw was found in curl. When performing multi-threaded LDAPS (Lightweight Directory Access Protocol Secure) transfers, changes to Transport Layer Security (TLS) options in one thread could inadvertently apply globally, affecting other concurrent transfers. This could lead to unintended security posture changes, such as disabling certificate verification for other threads. This vulnerability can result in a security bypass, where expected security checks are not performed.", "issued": "2026-01-08T10:07:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14017 https://bugzilla.redhat.com/show_bug.cgi?id=2427870 https://www.cve.org/CVERecord?id=CVE-2025-14017 https://nvd.nist.gov/vuln/detail/CVE-2025-14017 https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14017.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" } }, "package_vulnerabilities": { "+bwl6UbMaWOBWdHNekJsEw==": [ "AD3UsMwxeXvBzVWIm5l5yw==" ], "/L1kFEoHZTukrNTCQLypFQ==": [ "aOUfuyvyyWEe7Z1IZT+fGw==" ], "/ub7EE8Da46T0x7lRdlVJg==": [ "z/beWyrkyrQJfgGCkMIsWg==", "T+jfDhqJcXwVQ38oWEz/6g==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "2gCbp4kt+cF44NF/LqukDg==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "6WyRl8U3PR6ipKlxqlBzFA==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "7mDaaxs3ev+uNEDYC97U3Q==": [ "1npmxgSnoYj2MyAhQMaE7g==" ], "7ra56f21gLrcSpBD8a9+NQ==": [ "BheYJlsY7UG2Ru8eF1IU4g==", "TccjTp2Y8sTyWrjrm24IKA==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "CpfomSYboaXPZ9yn9NgGgw==": [ "7aI+wyLEqkIPj2Wh4f1UKg==", "lppk3oI+Rm/KVCEYBGVKcg==" ], "FZ9gWulzkx76xjTSH/yM/g==": [ "L1pkWyFlg006sdV2pKTg4A==" ], "FrUQI+koTfbikRk1jsFd0w==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "IZ65O3ZOapykHwhaOX1/YA==": [ "hHDtCxiuvJ9VSCSwnEG0Fw==" ], "KXUGN6voGlWUMRN5TCFy4w==": [ "QSP4YGVknCXnnhDrDAxftg==", "DrIVK8+yvV91OzF2CS9o5A==", "QskDoDnTSvrQeDXklM4YOw==", "vQmd/px1n2vUjUceHOjVLA==" ], "M9YTWinowLqOqX/+8mbhjg==": [ "LeWRqc+lggRL8KnG53e6CA==", "g6ZHihkpvpkr3oZoVOs05w==", "bugTfOdgCaATW4vTnuXTSQ==", "HxI42iSjURjRki+uV6q/9w==" ], "O1acB+rpl9OLkk9I6phF7Q==": [ "WxO9le6q4ACTs4KnSuckDw==" ], "OCIjbR16ktOEiFK36r0WNw==": [ "LuirMfnv2JkWFEU8MUuKUQ==" ], "OaFmq38HlbKLTTEM/qATzg==": [ "rz/CPeG1fPitayrSa0BFxQ==", "l1pK1ezh6e0g8I+Dp2iK7w==", "6rEIsdyQtCC456AuGwgsDQ==", "8MfvwX+dRI6Qt2H+x71rZg==", "oqSc7q4k6wTno/u9knscCQ==", "zqGJegkbTlVqcHBa6HtRTQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "smB1yCGhBb8gDhPAER7odg==", "l6IrI73Pg+lrisEtcgX+0Q==", "YIlv6HIDfGqvZL/MDTWWpg==", "FQwXyPZ+oHyxQZ9RBQXbpw==", "X7DmUVoCri5i6vdYVBBgXg==", "a9FllBAJiFi5FeYl0KG4aQ==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ "ymKqobod4xPivmLT/iq9oQ==" ], "PIk2BBAWexCFofMi5q03RA==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "S8p9UGak1oycptcpYp/1eg==": [ "d/522T+B/ARMNSG+3QfAWA==" ], "SjQtW3gQmgt+Qj8JlnY4Mg==": [ "bgJs7DKkcMwNTsh9yTDgQg==", "uu3d3lIlYVCZwOjqoNec3g==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "WtG8AvirpmNJ8wVE+fxfGQ==": [ "FLpBF1y0CvCfFuXOmlaRZw==", "AwYRRq6SmgfJLn2NZxQUdw==", "qFIYjZJeFnLAVC7lR0n6oQ==", "RHShqbO2hqcBNPYbKDg/3A==", "8kndQj/aRn+NNJdGVP9v4g==", "DTApvRZh1HJD5XbbpU3ahw==", "jiVVTQmOtKqVixv7agF/Hg==", "u0cs09LPRVEEfen4PHM6gA==", "F4WBuBnk4OQIl1a5Q4CVPg==", "8ZCpE1M7eqNdy615aO2gLQ==", "mYgwcPpa/l0bTZdysqbplg==" ], "XJlS+gwEt7T+nNr/Bflqzg==": [ "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==" ], "XMkvB1ljVS0bNTUu2UEs3g==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "ZabCZVOpeuHGnRiGdzqBig==": [ "L1pkWyFlg006sdV2pKTg4A==" ], "ayTA+mXRKgSCRl5LaqP4/w==": [ "JqWXvYyB4T300h7KRcWtFA==", "klH60uFrR0WkawaSlcOEKg==", "VYGbkY0i6P3tRJd9mM1wNg==", "PrCrIesi0sSvMQjPpvxecw==", "Qbjoqw6Ot3cGOKNyQYBo4g==", "e0VfCD1REapdkagkByCnXQ==", "svCt47J2Zwa45xj8gn3U/w==", "ixc06f0H9vqMfsbwQSwwvA==", "yzZzF1vLZmeTiLJMgY7W0Q==", "NrTzMmbWyM5UeSvnQVNLOg==", "Eh3WlvVSpgyvj1kaA5So7g==" ], "eK3V3oi6vbIfOQRAcWBYDw==": [ "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==" ], "iVtx1BX52G3zRfk+g/oWIg==": [ "78ARTcr/iVbEbtXWNEyadA==", "7eKrcl3YwGJqhWmZNbH7Eg==", "KCgZ2MK707GRfjAO2Q3SOA==", "Q6o565VsHFcmyuOW6jCOGw==", "fFM0zIKtKuexRqlZMkzQpg==", "3bb0a18NQSPWO0aeq9twVw==", "WP0Zjo/ORuC7+jbSIrru8A==", "Argl342WI7oZtgSo+p9kMA==", "ncqqUTuMttuUZ8SF9/Ywrg==", "u90uEyQ6vxfKeIQvjGNTHQ==", "429KD7e1Cl6AyUZNBGOTQw==", "OB9n4NdBrq+3wlcM9+90Dg==", "JK4fCJz1Ja5lmfE/vF5PcQ==", "D7U85Qc3CYAscEzhSfT76A==", "e/EuZlSZUQTHCSl8kHuFag==", "+U7CyAHaY71mhNm2Xnq2uw==", "y7I268PAr74OoToX85XE8w==", "bjyLMZdYnkrpUxDySiQ34Q==", "4u3exWl+MPcCOYOgbQLM+A==", "ixD2h349uZz3eCy55KxIlw==", "j/vFtwZCr4ow5q2VPKgR9g==", "/jvSCV2RwJ6c/Llx9z8uvA==", "Jrkns8qeStFRPhcitcuZ4w==", "yUucg71orzE08FiDgaKBPQ==", "GWKQvGJTKzyU9GiQECoFhg==", "5amguv6OT1njd8r+RXMCQQ==", "2TDjlt2gAEWsLyBBPigFYw==", "WVv0x6iWhzRgZZTPZ190Ng==", "M293c+QguJ/aaYP3cMwfyQ==", "Ie7rkr8oApZOM9PK2gFB6A==", "0E1VjQWdmolR9lr9ElIZZQ==", "6hAQW3vY9ZA/8datv1rY4g==", "TwoNniaY2Urt7TF64epJXg==", "mZCCwO//htsOIXazj/SeOw==", "YtNpM5pykErH+UBXZABWdg==", "5BksN0izCeDRrtFMsNCyvg==" ], "izPQpATHYfezyT+kcua/tQ==": [ "1/8/Mjb4nleg0SsOivHAww==", "XdzUGUJMTsfPfs79OXKU4Q==", "y/3qWQj3xOUQpm2CUr+ftg==", "f6oGdnhZomBa/bs3snB3kA==" ], "kAEPeyZOK/FwFoG6mOFUbQ==": [ "VzbOWZs6Sa8zFH+GQEnasQ==" ], "lad8JH31WlI0MsNEYhUWlA==": [ "Iy2V+5RC7ENxxmnS9KdBOw==", "SYSyRuW2vXdWcXLSfRP1aQ==", "1hhG+RKT0fsxlS/Wf/LWEA==", "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==", "IrRjtVOpf04EO7iAKFAznQ==", "sJNoOKrtqJYf9M2tWcTlqg==", "+UOyQgpOAnrWS+mVMK5k1Q==" ], "mDM1q1sl0PqUWEn54kTSRw==": [ "N7otM4CJgwQwy0Mz0UA3Vw==", "Lhc4n2a9ma6eRDB/RCRmLQ==", "6rEIsdyQtCC456AuGwgsDQ==", "8MfvwX+dRI6Qt2H+x71rZg==", "oqSc7q4k6wTno/u9knscCQ==", "zqGJegkbTlVqcHBa6HtRTQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "smB1yCGhBb8gDhPAER7odg==", "l6IrI73Pg+lrisEtcgX+0Q==", "YIlv6HIDfGqvZL/MDTWWpg==", "FQwXyPZ+oHyxQZ9RBQXbpw==", "X7DmUVoCri5i6vdYVBBgXg==", "a9FllBAJiFi5FeYl0KG4aQ==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "nzQEyt4JfkGeZIIHPiBhog==": [ "zmNQpHydwXFAJmLcFFYiyQ==", "bOC69k4Gpn8Av1w/ra2Tdw==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "nzlusFbkan5h1d1Ks+BKBQ==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "rY/kE/V4JnxYoqV+lmc9mg==": [ "DDxCHnX+kCqcRQj9b90/cg==" ], "v3i4ez5juML2ZWwR+6dFFg==": [ "PUCpgzV2LGcCb5yPJbawGw==", "AUiFITCnRjRxctzqqbDeeA==", "9iigvnuYDaC8UzcOIDLjIQ==", "iF/o4aDbQf1DAw7R+LiVQw==", "GAn7gWUe2pFr7PbwechqxA==", "76z9Mpn8Jp7lhZSPsHTHug==" ], "wfJGCqOH8d+IYg/dAepx1A==": [ "vtpIIEEoAREfzDi0+K26Fg==", "eUh0vSDVmqXTnsB7jL0b4g==", "znnZtQrOfSxqGV/OZKzI5g==", "uaetuJImncB6wudykQLpEA==", "VWEbeFnFOHy1IkG21b5a5g==", "xxrOMZzPk7ETmnvrIjBo0A==", "mJw+LvAbCoVMIOZXCXNFpg==", "76mWuVYhbmIFsc4DNorK9A==", "lQBARBTddFvexevUD04GZA==", "sykv+pGN4TXggZNIwL/H4g==", "Kqq2xlybjD/tOLmQWu2xPw==", "Ez8lHT2uV9Tf9vJC/T4WXg==", "YX2rGofSXHBcNhTOGpNkAA==", "LxYgcRll4fEnbCHHZWt4BA==", "KMGV9rbVZ/vVUNSX6f+JqA==" ] }, "enrichments": {} } pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 4, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libnghttp2-1.43.0-6.el9 (CVE-2026-27135), libarchive-3.5.3-6.el9_6 (CVE-2026-4111, CVE-2026-4424), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-15467), sqlite-libs-3.34.1-8.el9_6 (CVE-2025-6965), gnupg2-2.3.3-4.el9 (CVE-2025-68973)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 6 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libcap-2.48-9.el9_2 (CVE-2026-4878), krb5-libs-1.21.1-8.el9_6 (CVE-2026-40356)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 2 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libmount-2.37.4-21.el9 (CVE-2025-14104), libuuid-2.37.4-21.el9 (CVE-2025-14104), systemd-libs-252-51.el9_6.2 (CVE-2025-4598), libblkid-2.37.4-21.el9 (CVE-2025-14104), glib2-2.68.4-16.el9_6.2 (CVE-2025-13601), libarchive-3.5.3-6.el9_6 (CVE-2026-5121), libsmartcols-2.37.4-21.el9 (CVE-2025-14104), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2025-9086), libxml2-2.9.13-12.el9_6 (CVE-2025-9714), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-11187, CVE-2025-69419, CVE-2025-9230), gnutls-3.8.3-6.el9_6.2 (CVE-2025-14831), glibc-2.34-168.el9_6.23 (CVE-2026-0915), curl-minimal-7.76.1-31.el9_6.1 (CVE-2025-9086)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 15 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: glibc-minimal-langpack-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), libmount-2.37.4-21.el9 (CVE-2026-27456), libuuid-2.37.4-21.el9 (CVE-2026-27456), coreutils-single-8.32-39.el9 (CVE-2025-5278), systemd-libs-252-51.el9_6.2 (CVE-2026-29111, CVE-2026-4105), libblkid-2.37.4-21.el9 (CVE-2026-27456), glib2-2.68.4-16.el9_6.2 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), libarchive-3.5.3-6.el9_6 (CVE-2023-30571, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), libsmartcols-2.37.4-21.el9 (CVE-2026-27456), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), libxml2-2.9.13-12.el9_6 (CVE-2026-0990, CVE-2026-1757, CVE-2026-6732), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2026-28386, CVE-2026-28390, CVE-2026-31790), openldap-2.6.8-4.el9 (CVE-2026-22185), gnupg2-2.3.3-4.el9 (CVE-2025-68972), glibc-common-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), glibc-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), xz-libs-5.2.5-8.el9_0 (CVE-2026-34743), krb5-libs-1.21.1-8.el9_6 (CVE-2026-40355), curl-minimal-7.76.1-31.el9_6.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 52 } }, { "msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796), gnutls-3.8.3-6.el9_6.2 (CVE-2025-9820), shadow-utils-2:4.9-12.el9 (CVE-2024-56433), glibc-2.34-168.el9_6.23 (CVE-2025-15281, CVE-2026-0861)", "name": "clair_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 13 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libstdc++-11.5.0-5.el9_5 (CVE-2022-27943), zlib-1.2.11-40.el9 (CVE-2026-27171), glibc-minimal-langpack-2.34-168.el9_6.23 (CVE-2026-4438), libgcc-11.5.0-5.el9_5 (CVE-2022-27943), gawk-5.1.0-6.el9 (CVE-2023-4156), libtasn1-4.16.0-9.el9 (CVE-2025-13151), pcre2-syntax-10.40-6.el9 (CVE-2022-41409), pcre2-10.40-6.el9 (CVE-2022-41409), glib2-2.68.4-16.el9_6.2 (CVE-2023-32636, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), libgcrypt-1.10.0-11.el9 (CVE-2026-41990), libarchive-3.5.3-6.el9_6 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224), libxml2-2.9.13-12.el9_6 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), openssl-fips-provider-so-3.0.7-6.el9_5 (CVE-2026-2673), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232, CVE-2026-2673, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), sqlite-libs-3.34.1-8.el9_6 (CVE-2024-0232, CVE-2025-70873), gnupg2-2.3.3-4.el9 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), ncurses-base-6.2-10.20210508.el9_6.2 (CVE-2023-50495), glibc-common-2.34-168.el9_6.23 (CVE-2026-4438), glibc-2.34-168.el9_6.23 (CVE-2026-4438), ncurses-libs-6.2-10.20210508.el9_6.2 (CVE-2023-50495), openssl-fips-provider-3.0.7-6.el9_5 (CVE-2026-2673), curl-minimal-7.76.1-31.el9_6.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 55 } } ] } ] {"vulnerabilities":{"critical":0,"high":6,"medium":15,"low":13,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":2,"medium":52,"low":55,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry:6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f", "digests": ["sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589"]}} {"result":"SUCCESS","timestamp":"2026-04-29T11:36:02+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gh-multi-component-parent-qdry-on-push-2b46z-init-pod | init container: prepare 2026/04/29 11:20:29 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-init-pod | container step-init: time="2026-04-29T11:21:27Z" level=info msg="[param] enable: false" time="2026-04-29T11:21:27Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:21:27Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:21:27Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:21:27Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:21:27Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:21:27Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:21:27Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:21:27Z" level=info msg="[result] NO PROXY: " pod: gh-multi-component-parent-qdry-on-push-zfmq7-init-pod | init container: prepare 2026/04/29 11:43:55 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-zfmq7-init-pod | container step-init: time="2026-04-29T11:44:04Z" level=info msg="[param] enable: false" time="2026-04-29T11:44:04Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:44:04Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:44:04Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:44:04Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:44:04Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:44:04Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:44:04Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:44:04Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-multi-component-parent-qdry-on-push-45lcb found after retrigger for component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun gh-multi-component-parent-qdry-on-push-45lcb found for Component build-e2e-sctz/gh-multi-component-parent-qdry PipelineRun gh-multi-component-parent-qdry-on-push-45lcb reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-qdry-on-push-45lcb reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-45lcb reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-45lcb reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-45lcb reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-45lcb reason: Running PipelineRun gh-multi-component-parent-qdry-on-push-45lcb reason: Failed attempt 3/3: PipelineRun "gh-multi-component-parent-qdry-on-push-45lcb" failed: pod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | init container: prepare 2026/04/29 11:06:16 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | container step-init: time="2026-04-29T11:06:19Z" level=info msg="[param] enable: false" time="2026-04-29T11:06:19Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:06:19Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:06:19Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:06:19Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:06:19Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:06:19Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:06:19Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:06:19Z" level=info msg="[result] NO PROXY: " pod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | init container: prepare 2026/04/29 11:33:39 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | container step-apply-additional-tags: time="2026-04-29T11:34:21Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry:6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f" time="2026-04-29T11:34:21Z" level=info msg="[param] digest: sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589" time="2026-04-29T11:34:21Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-29T11:34:22Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: prepare 2026/04/29 11:32:59 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: place-scripts 2026/04/29 11:33:14 Decoded script /tekton/scripts/script-0-8pcw5 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-1-k99l2 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-2-ghmvw 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-3-jvvln pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589. pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... 2026-04-29T11:34:39Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"}] 2026-04-29T11:34:39Z INF libvuln initialized component=libvuln/New 2026-04-29T11:34:41Z INF registered configured scanners component=libindex/New 2026-04-29T11:34:41Z INF NewLayerScanner: constructing a new layer-scanner component=indexer.NewLayerScanner 2026-04-29T11:34:41Z INF index request start component=libindex/Libindex.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 2026-04-29T11:34:41Z INF starting scan component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 2026-04-29T11:34:41Z INF manifest to be scanned component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=CheckManifest 2026-04-29T11:34:41Z INF layers fetch start component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers fetch success component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers fetch done component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers scan start component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=ScanLayers 2026-04-29T11:34:42Z INF layers scan done component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=ScanLayers 2026-04-29T11:34:42Z INF starting index manifest component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexManifest 2026-04-29T11:34:42Z INF finishing scan component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexFinished 2026-04-29T11:34:42Z INF manifest successfully scanned component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexFinished 2026-04-29T11:34:42Z INF index request done component=libindex/Libindex.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 { "manifest_hash": "sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589", "packages": { "+A7/nzEXX3Q/xJZ50VMnlQ==": { "id": "+A7/nzEXX3Q/xJZ50VMnlQ==", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+X1MdmtPTbyDb/wq7joJhA==": { "id": "+X1MdmtPTbyDb/wq7joJhA==", "name": "libtool-ltdl", "version": "2.4.6-46.el9", "kind": "binary", "source": { "id": "", "name": "libtool", "version": "2.4.6-46.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+bwl6UbMaWOBWdHNekJsEw==": { "id": "+bwl6UbMaWOBWdHNekJsEw==", "name": "coreutils-single", "version": "8.32-39.el9", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.32-39.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/L1kFEoHZTukrNTCQLypFQ==": { "id": "/L1kFEoHZTukrNTCQLypFQ==", "name": "xz-libs", "version": "5.2.5-8.el9_0", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.5-8.el9_0", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/O7rOBo1qRMFm3q3Kf3mEw==": { "id": "/O7rOBo1qRMFm3q3Kf3mEw==", "name": "libselinux", "version": "3.6-3.el9", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "3.6-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/h/TBQhfoSMCmey5oN87jA==": { "id": "/h/TBQhfoSMCmey5oN87jA==", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/ub7EE8Da46T0x7lRdlVJg==": { "id": "/ub7EE8Da46T0x7lRdlVJg==", "name": "libsmartcols", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0T19Aon0dgLleTpQjLWzKw==": { "id": "0T19Aon0dgLleTpQjLWzKw==", "name": "crypto-policies", "version": "20250128-1.git5269e22.el9", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20250128-1.git5269e22.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "1atoBfoH0mJ0bCpetQ7/0g==": { "id": "1atoBfoH0mJ0bCpetQ7/0g==", "name": "file-libs", "version": "5.39-16.el9", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.39-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "2gCbp4kt+cF44NF/LqukDg==": { "id": "2gCbp4kt+cF44NF/LqukDg==", "name": "pcre2-syntax", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "5+tHFkkNi+1rUDSrmgYdkw==": { "id": "5+tHFkkNi+1rUDSrmgYdkw==", "name": "p11-kit-trust", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5fhQlRzIg/IB8EVM2pFIZA==": { "id": "5fhQlRzIg/IB8EVM2pFIZA==", "name": "audit-libs", "version": "3.1.5-4.el9", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.1.5-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6WyRl8U3PR6ipKlxqlBzFA==": { "id": "6WyRl8U3PR6ipKlxqlBzFA==", "name": "ncurses-base", "version": "6.2-10.20210508.el9_6.2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-10.20210508.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "7cpIREEQnkaI7dbmWgmrvg==": { "id": "7cpIREEQnkaI7dbmWgmrvg==", "name": "gdbm-libs", "version": "1:1.23-1.el9", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.23-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7mDaaxs3ev+uNEDYC97U3Q==": { "id": "7mDaaxs3ev+uNEDYC97U3Q==", "name": "zlib", "version": "1.2.11-40.el9", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-40.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7ra56f21gLrcSpBD8a9+NQ==": { "id": "7ra56f21gLrcSpBD8a9+NQ==", "name": "libmount", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7vssDPaHKfFKMLimKBo7Gw==": { "id": "7vssDPaHKfFKMLimKBo7Gw==", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "binary", "source": { "id": "", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "8uME+PFu6p/OAD7q+ZTVLw==": { "id": "8uME+PFu6p/OAD7q+ZTVLw==", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9olIUlLHZMdoUMju+8diyQ==": { "id": "9olIUlLHZMdoUMju+8diyQ==", "name": "filesystem", "version": "3.16-5.el9", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.16-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BQhiFmX4hLYteW4oRCLTSA==": { "id": "BQhiFmX4hLYteW4oRCLTSA==", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BRLVvSCW1qZQlEQR2x48fQ==": { "id": "BRLVvSCW1qZQlEQR2x48fQ==", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "CpfomSYboaXPZ9yn9NgGgw==": { "id": "CpfomSYboaXPZ9yn9NgGgw==", "name": "krb5-libs", "version": "1.21.1-8.el9_6", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.21.1-8.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DrLq8qfU1bfE8o8AfdvkrQ==": { "id": "DrLq8qfU1bfE8o8AfdvkrQ==", "name": "libverto", "version": "0.3.2-3.el9", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.2-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FZ9gWulzkx76xjTSH/yM/g==": { "id": "FZ9gWulzkx76xjTSH/yM/g==", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FrUQI+koTfbikRk1jsFd0w==": { "id": "FrUQI+koTfbikRk1jsFd0w==", "name": "libstdc++", "version": "11.5.0-5.el9_5", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-5.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "G61ZL2SOHR2qgvQfi118gw==": { "id": "G61ZL2SOHR2qgvQfi118gw==", "name": "dejavu-sans-fonts", "version": "2.37-18.el9", "kind": "binary", "source": { "id": "", "name": "dejavu-fonts", "version": "2.37-18.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "HQdWvmyUSqtI3UTY0T4JiQ==": { "id": "HQdWvmyUSqtI3UTY0T4JiQ==", "name": "pcre", "version": "8.44-4.el9", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.44-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "I16VSEydeiRYB1TSf5694A==": { "id": "I16VSEydeiRYB1TSf5694A==", "name": "libreport-filesystem", "version": "2.15.2-6.el9", "kind": "binary", "source": { "id": "", "name": "libreport", "version": "2.15.2-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "IZ65O3ZOapykHwhaOX1/YA==": { "id": "IZ65O3ZOapykHwhaOX1/YA==", "name": "libnghttp2", "version": "1.43.0-6.el9", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.43.0-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JKP7JzVg7UGaAz4VrH03lQ==": { "id": "JKP7JzVg7UGaAz4VrH03lQ==", "name": "langpacks-core-font-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "KF5C+zKu/uFB7knCqOvDAQ==": { "id": "KF5C+zKu/uFB7knCqOvDAQ==", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "KXUGN6voGlWUMRN5TCFy4w==": { "id": "KXUGN6voGlWUMRN5TCFy4w==", "name": "systemd-libs", "version": "252-51.el9_6.2", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "252-51.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Lwqn0aweLQLZmo12VvYcog==": { "id": "Lwqn0aweLQLZmo12VvYcog==", "name": "popt", "version": "1.18-8.el9", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "M9YTWinowLqOqX/+8mbhjg==": { "id": "M9YTWinowLqOqX/+8mbhjg==", "name": "sqlite-libs", "version": "3.34.1-8.el9_6", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.34.1-8.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "MDH8Zt4oQWDiYk9qFV5Lbg==": { "id": "MDH8Zt4oQWDiYk9qFV5Lbg==", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NdCY2/S+syamLH224R4hug==": { "id": "NdCY2/S+syamLH224R4hug==", "name": "langpacks-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "O1acB+rpl9OLkk9I6phF7Q==": { "id": "O1acB+rpl9OLkk9I6phF7Q==", "name": "shadow-utils", "version": "2:4.9-12.el9", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.9-12.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OCIjbR16ktOEiFK36r0WNw==": { "id": "OCIjbR16ktOEiFK36r0WNw==", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OaFmq38HlbKLTTEM/qATzg==": { "id": "OaFmq38HlbKLTTEM/qATzg==", "name": "libcurl-minimal", "version": "7.76.1-31.el9_6.1", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-31.el9_6.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OgwdUybWl/HQYbnPTE4Psw==": { "id": "OgwdUybWl/HQYbnPTE4Psw==", "name": "npth", "version": "1.6-8.el9", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.6-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Ohssf0Jzlafd9vtrrUKCXg==": { "id": "Ohssf0Jzlafd9vtrrUKCXg==", "name": "bash", "version": "5.1.8-9.el9", "kind": "binary", "source": { "id": "", "name": "bash", "version": "5.1.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Om9zCJ/QZ+hnrEvj6fGw==": { "id": "P5Om9zCJ/QZ+hnrEvj6fGw==", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PIk2BBAWexCFofMi5q03RA==": { "id": "PIk2BBAWexCFofMi5q03RA==", "name": "pcre2", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PZXvGa4khHd2n6o73hJ/Pg==": { "id": "PZXvGa4khHd2n6o73hJ/Pg==", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "binary", "source": { "id": "", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RXh3fimX8fGZeCt4chJEiA==": { "id": "RXh3fimX8fGZeCt4chJEiA==", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "S8p9UGak1oycptcpYp/1eg==": { "id": "S8p9UGak1oycptcpYp/1eg==", "name": "openldap", "version": "2.6.8-4.el9", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.6.8-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "SjQtW3gQmgt+Qj8JlnY4Mg==": { "id": "SjQtW3gQmgt+Qj8JlnY4Mg==", "name": "libblkid", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Su8bfW9ijc0V5CiAum2V1g==": { "id": "Su8bfW9ijc0V5CiAum2V1g==", "name": "bzip2-libs", "version": "1.0.8-10.el9_5", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.8-10.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TPIRq84Pr3a6ywzPeCr3Pw==": { "id": "TPIRq84Pr3a6ywzPeCr3Pw==", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "To0NR+oyXDu1CYJfmVGurQ==": { "id": "To0NR+oyXDu1CYJfmVGurQ==", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VV2Z1ngTs6sGvt5SrayPCg==": { "id": "VV2Z1ngTs6sGvt5SrayPCg==", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VX9V+Y680L2xf2tBREdpCw==": { "id": "VX9V+Y680L2xf2tBREdpCw==", "name": "gmp", "version": "1:6.2.0-13.el9", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.2.0-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "WtG8AvirpmNJ8wVE+fxfGQ==": { "id": "WtG8AvirpmNJ8wVE+fxfGQ==", "name": "libxml2", "version": "2.9.13-12.el9_6", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.13-12.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XG5+bW8np2NedSy/od6z8Q==": { "id": "XG5+bW8np2NedSy/od6z8Q==", "name": "libacl", "version": "2.3.1-4.el9", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.3.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XJlS+gwEt7T+nNr/Bflqzg==": { "id": "XJlS+gwEt7T+nNr/Bflqzg==", "name": "glibc-minimal-langpack", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XMkvB1ljVS0bNTUu2UEs3g==": { "id": "XMkvB1ljVS0bNTUu2UEs3g==", "name": "libgcc", "version": "11.5.0-5.el9_5", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-5.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XwbkaIGCYyq6BjBMVZ1wzw==": { "id": "XwbkaIGCYyq6BjBMVZ1wzw==", "name": "readline", "version": "8.1-4.el9", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ZabCZVOpeuHGnRiGdzqBig==": { "id": "ZabCZVOpeuHGnRiGdzqBig==", "name": "openssl-fips-provider-so", "version": "3.0.7-6.el9_5", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "arLt5War9yeQ8auYn/Idmw==": { "id": "arLt5War9yeQ8auYn/Idmw==", "name": "nettle", "version": "3.10.1-1.el9", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.10.1-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ayTA+mXRKgSCRl5LaqP4/w==": { "id": "ayTA+mXRKgSCRl5LaqP4/w==", "name": "glib2", "version": "2.68.4-16.el9_6.2", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.68.4-16.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bFvWffGqJWr7FWnI7K9NVw==": { "id": "bFvWffGqJWr7FWnI7K9NVw==", "name": "grep", "version": "3.6-5.el9", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.6-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bemGVBhbDe9iV1Kjvd9hAA==": { "id": "bemGVBhbDe9iV1Kjvd9hAA==", "name": "libffi", "version": "3.4.2-8.el9", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.4.2-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bgzKs6bbeWeXxcqE+n7Jog==": { "id": "bgzKs6bbeWeXxcqE+n7Jog==", "name": "libsepol", "version": "3.6-2.el9", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "3.6-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dC9CoYt17eaqinGSVCfCxw==": { "id": "dC9CoYt17eaqinGSVCfCxw==", "name": "libattr", "version": "2.5.1-3.el9", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.5.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "de44cUqF23LvU0fOSvNRjA==": { "id": "de44cUqF23LvU0fOSvNRjA==", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "binary", "source": { "id": "", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dpQG/pUwAqVv1OdQqnvylQ==": { "id": "dpQG/pUwAqVv1OdQqnvylQ==", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eK3V3oi6vbIfOQRAcWBYDw==": { "id": "eK3V3oi6vbIfOQRAcWBYDw==", "name": "glibc-common", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eRa7MZyiHBvsv7GPhkGKdg==": { "id": "eRa7MZyiHBvsv7GPhkGKdg==", "name": "lua-libs", "version": "5.4.4-4.el9", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.4.4-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eaygsCP+5IpdIryvw94Tcw==": { "id": "eaygsCP+5IpdIryvw94Tcw==", "name": "rootfiles", "version": "8.1-34.el9", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-34.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f8lJd/yoDqE6O0RUQGqkpQ==": { "id": "f8lJd/yoDqE6O0RUQGqkpQ==", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gsKPriszRNKAqMnHK+dXgw==": { "id": "gsKPriszRNKAqMnHK+dXgw==", "name": "libksba", "version": "1.5.1-7.el9", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.5.1-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hYEisV19Dxn4PvCvxJFm5A==": { "id": "hYEisV19Dxn4PvCvxJFm5A==", "name": "lz4-libs", "version": "1.9.3-5.el9", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.9.3-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iTD/lpKAM3AZEWh+zVx2tg==": { "id": "iTD/lpKAM3AZEWh+zVx2tg==", "name": "librepo", "version": "1.14.5-2.el9", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.5-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iVtx1BX52G3zRfk+g/oWIg==": { "id": "iVtx1BX52G3zRfk+g/oWIg==", "name": "openssl-libs", "version": "1:3.2.2-6.el9_5.1", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "3.2.2-6.el9_5.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iaJm7Mdk9UadnBII0ZwMeA==": { "id": "iaJm7Mdk9UadnBII0ZwMeA==", "name": "dnf-data", "version": "4.14.0-25.el9", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.14.0-25.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "izPQpATHYfezyT+kcua/tQ==": { "id": "izPQpATHYfezyT+kcua/tQ==", "name": "gnutls", "version": "3.8.3-6.el9_6.2", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.8.3-6.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jAjaNW7NMGiv7HfByDu4RQ==": { "id": "jAjaNW7NMGiv7HfByDu4RQ==", "name": "alternatives", "version": "1.24-2.el9", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.24-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kAEPeyZOK/FwFoG6mOFUbQ==": { "id": "kAEPeyZOK/FwFoG6mOFUbQ==", "name": "libcap", "version": "2.48-9.el9_2", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-9.el9_2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kFxhSjWy84mTZBM4XiZaeQ==": { "id": "kFxhSjWy84mTZBM4XiZaeQ==", "name": "setup", "version": "2.13.7-10.el9", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.13.7-10.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kgbITSeRtKiT7enG8buGXw==": { "id": "kgbITSeRtKiT7enG8buGXw==", "name": "libcom_err", "version": "1.46.5-7.el9", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kigiD4fuysu8/DeCr+ONKQ==": { "id": "kigiD4fuysu8/DeCr+ONKQ==", "name": "basesystem", "version": "11-13.el9", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kp6BaioAZ30jbVeZkkzokA==": { "id": "kp6BaioAZ30jbVeZkkzokA==", "name": "libzstd", "version": "1.5.5-1.el9", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.5.5-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kvpHJLhsWpgEBJjx168pDg==": { "id": "kvpHJLhsWpgEBJjx168pDg==", "name": "tzdata", "version": "2025b-1.el9", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2025b-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "lI6hCbIwETVhCFhL4BxyiQ==": { "id": "lI6hCbIwETVhCFhL4BxyiQ==", "name": "libdnf", "version": "0.69.0-13.el9", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.69.0-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lad8JH31WlI0MsNEYhUWlA==": { "id": "lad8JH31WlI0MsNEYhUWlA==", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mDM1q1sl0PqUWEn54kTSRw==": { "id": "mDM1q1sl0PqUWEn54kTSRw==", "name": "curl-minimal", "version": "7.76.1-31.el9_6.1", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-31.el9_6.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mK/FUfODp3MR7WS2xegPsw==": { "id": "mK/FUfODp3MR7WS2xegPsw==", "name": "langpacks-core-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "mPqGnMbiXN6jP61aGbHvOA==": { "id": "mPqGnMbiXN6jP61aGbHvOA==", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nzQEyt4JfkGeZIIHPiBhog==": { "id": "nzQEyt4JfkGeZIIHPiBhog==", "name": "libuuid", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nzlusFbkan5h1d1Ks+BKBQ==": { "id": "nzlusFbkan5h1d1Ks+BKBQ==", "name": "ncurses-libs", "version": "6.2-10.20210508.el9_6.2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-10.20210508.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pYM7mYzFYUjRrK74RyhfOw==": { "id": "pYM7mYzFYUjRrK74RyhfOw==", "name": "redhat-release", "version": "9.6-0.1.el9", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "9.6-0.1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "qYSZ6aKFWol313IOGRXaug==": { "id": "qYSZ6aKFWol313IOGRXaug==", "name": "json-c", "version": "0.14-11.el9", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.14-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rCLp3m64Catai9VuHvh3Lw==": { "id": "rCLp3m64Catai9VuHvh3Lw==", "name": "keyutils-libs", "version": "1.6.3-1.el9", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.6.3-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rY/kE/V4JnxYoqV+lmc9mg==": { "id": "rY/kE/V4JnxYoqV+lmc9mg==", "name": "gawk", "version": "5.1.0-6.el9", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "5.1.0-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rlHYqOr0lkUB/Gs6b1kD2g==": { "id": "rlHYqOr0lkUB/Gs6b1kD2g==", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ssPaV1VLDu6d5ZJ6Rrmh3A==": { "id": "ssPaV1VLDu6d5ZJ6Rrmh3A==", "name": "sed", "version": "4.8-9.el9", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sx0C6L5COHIkv6yQQyPlbw==": { "id": "sx0C6L5COHIkv6yQQyPlbw==", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u5TyEoU5GA6Z2czzwhMLiA==": { "id": "u5TyEoU5GA6Z2czzwhMLiA==", "name": "fonts-filesystem", "version": "1:2.0.5-7.el9.1", "kind": "binary", "source": { "id": "", "name": "fonts-rpm-macros", "version": "2.0.5-7.el9.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "v3i4ez5juML2ZWwR+6dFFg==": { "id": "v3i4ez5juML2ZWwR+6dFFg==", "name": "gnupg2", "version": "2.3.3-4.el9", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.3.3-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "wCA3gMNtInqX1xg18QcnQg==": { "id": "wCA3gMNtInqX1xg18QcnQg==", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wfJGCqOH8d+IYg/dAepx1A==": { "id": "wfJGCqOH8d+IYg/dAepx1A==", "name": "libarchive", "version": "3.5.3-6.el9_6", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.5.3-6.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "x4oijVhQU8BUwJwoFvk4QA==": { "id": "x4oijVhQU8BUwJwoFvk4QA==", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xSopjH0yPtbnx33MBmtmuA==": { "id": "xSopjH0yPtbnx33MBmtmuA==", "name": "rpm-libs", "version": "4.16.1.3-37.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xhMgwxa+ubXlCA6s9XfRgw==": { "id": "xhMgwxa+ubXlCA6s9XfRgw==", "name": "cyrus-sasl-lib", "version": "2.1.27-21.el9", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yEp9fQVFIQAEDPCwC3GLmA==": { "id": "yEp9fQVFIQAEDPCwC3GLmA==", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zPvTALB8qlNtHa1j2iT5Zg==": { "id": "zPvTALB8qlNtHa1j2iT5Zg==", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "a1752d98-cb05-46e0-851e-94da612c34c2": { "id": "a1752d98-cb05-46e0-851e-94da612c34c2", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "9", "version_code_name": "", "version_id": "9", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 9" } }, "repository": { "70dd5db6-1003-4918-9d8a-ec0132a674d1": { "id": "70dd5db6-1003-4918-9d8a-ec0132a674d1", "name": "cpe:/a:redhat:enterprise_linux:9::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "8b5329d2-a935-4bac-a139-24b7beeac3ed": { "id": "8b5329d2-a935-4bac-a139-24b7beeac3ed", "name": "cpe:/o:redhat:enterprise_linux:9::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" } }, "environments": { "+A7/nzEXX3Q/xJZ50VMnlQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "+X1MdmtPTbyDb/wq7joJhA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "+bwl6UbMaWOBWdHNekJsEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/L1kFEoHZTukrNTCQLypFQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/O7rOBo1qRMFm3q3Kf3mEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/h/TBQhfoSMCmey5oN87jA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/ub7EE8Da46T0x7lRdlVJg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "0T19Aon0dgLleTpQjLWzKw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "1atoBfoH0mJ0bCpetQ7/0g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "2gCbp4kt+cF44NF/LqukDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "5+tHFkkNi+1rUDSrmgYdkw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "5fhQlRzIg/IB8EVM2pFIZA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "6WyRl8U3PR6ipKlxqlBzFA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7cpIREEQnkaI7dbmWgmrvg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7mDaaxs3ev+uNEDYC97U3Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7ra56f21gLrcSpBD8a9+NQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7vssDPaHKfFKMLimKBo7Gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "8uME+PFu6p/OAD7q+ZTVLw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "9olIUlLHZMdoUMju+8diyQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "BQhiFmX4hLYteW4oRCLTSA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "BRLVvSCW1qZQlEQR2x48fQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "CpfomSYboaXPZ9yn9NgGgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "DrLq8qfU1bfE8o8AfdvkrQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "FZ9gWulzkx76xjTSH/yM/g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "FrUQI+koTfbikRk1jsFd0w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "G61ZL2SOHR2qgvQfi118gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "HQdWvmyUSqtI3UTY0T4JiQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "I16VSEydeiRYB1TSf5694A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "IZ65O3ZOapykHwhaOX1/YA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "JKP7JzVg7UGaAz4VrH03lQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "KF5C+zKu/uFB7knCqOvDAQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "KXUGN6voGlWUMRN5TCFy4w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Lwqn0aweLQLZmo12VvYcog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "M9YTWinowLqOqX/+8mbhjg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "MDH8Zt4oQWDiYk9qFV5Lbg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "NdCY2/S+syamLH224R4hug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "O1acB+rpl9OLkk9I6phF7Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OCIjbR16ktOEiFK36r0WNw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OaFmq38HlbKLTTEM/qATzg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OgwdUybWl/HQYbnPTE4Psw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Ohssf0Jzlafd9vtrrUKCXg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "PIk2BBAWexCFofMi5q03RA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "PZXvGa4khHd2n6o73hJ/Pg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "RXh3fimX8fGZeCt4chJEiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "S8p9UGak1oycptcpYp/1eg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "SjQtW3gQmgt+Qj8JlnY4Mg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Su8bfW9ijc0V5CiAum2V1g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "TPIRq84Pr3a6ywzPeCr3Pw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "To0NR+oyXDu1CYJfmVGurQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "VV2Z1ngTs6sGvt5SrayPCg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "VX9V+Y680L2xf2tBREdpCw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "WtG8AvirpmNJ8wVE+fxfGQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XG5+bW8np2NedSy/od6z8Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XJlS+gwEt7T+nNr/Bflqzg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XMkvB1ljVS0bNTUu2UEs3g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XwbkaIGCYyq6BjBMVZ1wzw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ZabCZVOpeuHGnRiGdzqBig==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "arLt5War9yeQ8auYn/Idmw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ayTA+mXRKgSCRl5LaqP4/w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bFvWffGqJWr7FWnI7K9NVw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bemGVBhbDe9iV1Kjvd9hAA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bgzKs6bbeWeXxcqE+n7Jog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "dC9CoYt17eaqinGSVCfCxw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "de44cUqF23LvU0fOSvNRjA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "dpQG/pUwAqVv1OdQqnvylQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eK3V3oi6vbIfOQRAcWBYDw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eRa7MZyiHBvsv7GPhkGKdg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eaygsCP+5IpdIryvw94Tcw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "f8lJd/yoDqE6O0RUQGqkpQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "gsKPriszRNKAqMnHK+dXgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "hYEisV19Dxn4PvCvxJFm5A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iTD/lpKAM3AZEWh+zVx2tg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iVtx1BX52G3zRfk+g/oWIg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iaJm7Mdk9UadnBII0ZwMeA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "izPQpATHYfezyT+kcua/tQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "jAjaNW7NMGiv7HfByDu4RQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kAEPeyZOK/FwFoG6mOFUbQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kFxhSjWy84mTZBM4XiZaeQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kgbITSeRtKiT7enG8buGXw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kigiD4fuysu8/DeCr+ONKQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kp6BaioAZ30jbVeZkkzokA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kvpHJLhsWpgEBJjx168pDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "lI6hCbIwETVhCFhL4BxyiQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "lad8JH31WlI0MsNEYhUWlA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mDM1q1sl0PqUWEn54kTSRw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mK/FUfODp3MR7WS2xegPsw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mPqGnMbiXN6jP61aGbHvOA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "nzQEyt4JfkGeZIIHPiBhog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "nzlusFbkan5h1d1Ks+BKBQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "pYM7mYzFYUjRrK74RyhfOw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "qYSZ6aKFWol313IOGRXaug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rCLp3m64Catai9VuHvh3Lw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rY/kE/V4JnxYoqV+lmc9mg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rlHYqOr0lkUB/Gs6b1kD2g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ssPaV1VLDu6d5ZJ6Rrmh3A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "sx0C6L5COHIkv6yQQyPlbw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "u5TyEoU5GA6Z2czzwhMLiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "v3i4ez5juML2ZWwR+6dFFg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "wCA3gMNtInqX1xg18QcnQg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "wfJGCqOH8d+IYg/dAepx1A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "x4oijVhQU8BUwJwoFvk4QA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "xSopjH0yPtbnx33MBmtmuA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "xhMgwxa+ubXlCA6s9XfRgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "yEp9fQVFIQAEDPCwC3GLmA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "zPvTALB8qlNtHa1j2iT5Zg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ] }, "vulnerabilities": { "+U7CyAHaY71mhNm2Xnq2uw==": { "id": "+U7CyAHaY71mhNm2Xnq2uw==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "+UOyQgpOAnrWS+mVMK5k1Q==": { "id": "+UOyQgpOAnrWS+mVMK5k1Q==", "updater": "rhel-vex", "name": "CVE-2026-0861", "description": "A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.", "issued": "2026-01-14T21:01:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0861 https://bugzilla.redhat.com/show_bug.cgi?id=2429771 https://www.cve.org/CVERecord?id=CVE-2026-0861 https://nvd.nist.gov/vuln/detail/CVE-2026-0861 https://sourceware.org/bugzilla/show_bug.cgi?id=33796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0861.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "/A7M1zrsMND1dKjg2gEuyg==": { "id": "/A7M1zrsMND1dKjg2gEuyg==", "updater": "rhel-vex", "name": "CVE-2026-5450", "description": "A flaw was found in glibc (GNU C Library). This vulnerability occurs when an application uses the `scanf` family of functions with a `%mc` format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination can lead to a one-byte heap buffer overflow, potentially allowing an attacker to corrupt memory.", "issued": "2026-04-20T20:55:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5450 https://bugzilla.redhat.com/show_bug.cgi?id=2459853 https://www.cve.org/CVERecord?id=CVE-2026-5450 https://nvd.nist.gov/vuln/detail/CVE-2026-5450 https://inbox.sourceware.org/libc-announce/b11f0003-6ec1-4bd6-b9de-9e38a4efeca3@redhat.com/T/#u https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2026-5450 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5450.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/jvSCV2RwJ6c/Llx9z8uvA==": { "id": "/jvSCV2RwJ6c/Llx9z8uvA==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "0E1VjQWdmolR9lr9ElIZZQ==": { "id": "0E1VjQWdmolR9lr9ElIZZQ==", "updater": "rhel-vex", "name": "CVE-2026-28389", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28389 https://bugzilla.redhat.com/show_bug.cgi?id=2451096 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28389.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1/8/Mjb4nleg0SsOivHAww==": { "id": "1/8/Mjb4nleg0SsOivHAww==", "updater": "rhel-vex", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "2025-11-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9820 https://bugzilla.redhat.com/show_bug.cgi?id=2392528 https://www.cve.org/CVERecord?id=CVE-2025-9820 https://nvd.nist.gov/vuln/detail/CVE-2025-9820 https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5 https://gitlab.com/gnutls/gnutls/-/issues/1732 https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9820.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "1hhG+RKT0fsxlS/Wf/LWEA==": { "id": "1hhG+RKT0fsxlS/Wf/LWEA==", "updater": "rhel-vex", "name": "CVE-2026-0861", "description": "A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.", "issued": "2026-01-14T21:01:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0861 https://bugzilla.redhat.com/show_bug.cgi?id=2429771 https://www.cve.org/CVERecord?id=CVE-2026-0861 https://nvd.nist.gov/vuln/detail/CVE-2026-0861 https://sourceware.org/bugzilla/show_bug.cgi?id=33796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0861.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "1npmxgSnoYj2MyAhQMaE7g==": { "id": "1npmxgSnoYj2MyAhQMaE7g==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2TDjlt2gAEWsLyBBPigFYw==": { "id": "2TDjlt2gAEWsLyBBPigFYw==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3UNcgW64Eji4iyY2ZDB1cg==": { "id": "3UNcgW64Eji4iyY2ZDB1cg==", "updater": "rhel-vex", "name": "CVE-2026-3783", "description": "A flaw was found in curl. When an OAuth2 bearer token is used for an HTTP(S) transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the `.netrc` file, allowing the bearer token intended for the first host to be sent to the redirected host. This information disclosure could allow an attacker to gain unauthorized access.", "issued": "2026-03-11T10:09:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3783 https://bugzilla.redhat.com/show_bug.cgi?id=2446450 https://www.cve.org/CVERecord?id=CVE-2026-3783 https://nvd.nist.gov/vuln/detail/CVE-2026-3783 http://www.openwall.com/lists/oss-security/2026/03/11/2 https://curl.se/docs/CVE-2026-3783.html https://curl.se/docs/CVE-2026-3783.json https://hackerone.com/reports/3583983 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3783.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3bb0a18NQSPWO0aeq9twVw==": { "id": "3bb0a18NQSPWO0aeq9twVw==", "updater": "rhel-vex", "name": "CVE-2025-69419", "description": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69419 https://bugzilla.redhat.com/show_bug.cgi?id=2430386 https://www.cve.org/CVERecord?id=CVE-2025-69419 https://nvd.nist.gov/vuln/detail/CVE-2025-69419 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69419.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "429KD7e1Cl6AyUZNBGOTQw==": { "id": "429KD7e1Cl6AyUZNBGOTQw==", "updater": "rhel-vex", "name": "CVE-2025-9230", "description": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://www.cve.org/CVERecord?id=CVE-2025-9230 https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json https://access.redhat.com/errata/RHSA-2025:21255", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-4.el9_7", "arch_op": "pattern match" }, "4u3exWl+MPcCOYOgbQLM+A==": { "id": "4u3exWl+MPcCOYOgbQLM+A==", "updater": "rhel-vex", "name": "CVE-2025-69419", "description": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69419 https://bugzilla.redhat.com/show_bug.cgi?id=2430386 https://www.cve.org/CVERecord?id=CVE-2025-69419 https://nvd.nist.gov/vuln/detail/CVE-2025-69419 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69419.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "59oEBlU3jh6EL6gtZDUaug==": { "id": "59oEBlU3jh6EL6gtZDUaug==", "updater": "rhel-vex", "name": "CVE-2026-4437", "description": "A flaw was found in glibc (the GNU C Library). When an application uses the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can cause the application to incorrectly interpret a non-answer section of the DNS response as a valid answer, leading to potential misbehavior or incorrect information processing.", "issued": "2026-03-20T19:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4437 https://bugzilla.redhat.com/show_bug.cgi?id=2449777 https://www.cve.org/CVERecord?id=CVE-2026-4437 https://nvd.nist.gov/vuln/detail/CVE-2026-4437 https://sourceware.org/bugzilla/show_bug.cgi?id=34014 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4437.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5BksN0izCeDRrtFMsNCyvg==": { "id": "5BksN0izCeDRrtFMsNCyvg==", "updater": "rhel-vex", "name": "CVE-2025-9232", "description": "A flaw was found in the OpenSSL HTTP client API no_proxy handling. This vulnerability allows an application level denial of service (application crash) via an attacker-controlled IPv6 URL when the no_proxy environment variable is set.", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9232 https://bugzilla.redhat.com/show_bug.cgi?id=2396056 https://www.cve.org/CVERecord?id=CVE-2025-9232 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9232.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5amguv6OT1njd8r+RXMCQQ==": { "id": "5amguv6OT1njd8r+RXMCQQ==", "updater": "rhel-vex", "name": "CVE-2025-66199", "description": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66199 https://bugzilla.redhat.com/show_bug.cgi?id=2430379 https://www.cve.org/CVERecord?id=CVE-2025-66199 https://nvd.nist.gov/vuln/detail/CVE-2025-66199 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66199.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "6hAQW3vY9ZA/8datv1rY4g==": { "id": "6hAQW3vY9ZA/8datv1rY4g==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6rEIsdyQtCC456AuGwgsDQ==": { "id": "6rEIsdyQtCC456AuGwgsDQ==", "updater": "rhel-vex", "name": "CVE-2025-15079", "description": "A flaw was found in curl. When performing SSH-based transfers using SCP or SFTP, libcurl could mistakenly connect to hosts not listed in the user-specified knownhosts file. This occurs if the host is present in the libssh global knownhosts file, effectively bypassing the intended host verification. This could allow a remote attacker to connect to an untrusted host, potentially leading to information disclosure or man-in-the-middle attacks.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15079 https://bugzilla.redhat.com/show_bug.cgi?id=2426409 https://www.cve.org/CVERecord?id=CVE-2025-15079 https://nvd.nist.gov/vuln/detail/CVE-2025-15079 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15079.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "76mWuVYhbmIFsc4DNorK9A==": { "id": "76mWuVYhbmIFsc4DNorK9A==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "76z9Mpn8Jp7lhZSPsHTHug==": { "id": "76z9Mpn8Jp7lhZSPsHTHug==", "updater": "rhel-vex", "name": "CVE-2025-68973", "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", "issued": "2025-12-28T16:19:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68973 https://bugzilla.redhat.com/show_bug.cgi?id=2425966 https://www.cve.org/CVERecord?id=CVE-2025-68973 https://nvd.nist.gov/vuln/detail/CVE-2025-68973 https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 https://gpg.fail/memcpy https://news.ycombinator.com/item?id=46403200 https://www.openwall.com/lists/oss-security/2025/12/28/5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68973.json https://access.redhat.com/errata/RHSA-2026:0719", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.3.3-5.el9_7", "arch_op": "pattern match" }, "78ARTcr/iVbEbtXWNEyadA==": { "id": "78ARTcr/iVbEbtXWNEyadA==", "updater": "rhel-vex", "name": "CVE-2025-15467", "description": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.", "issued": "2026-01-27T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15467 https://bugzilla.redhat.com/show_bug.cgi?id=2430376 https://www.cve.org/CVERecord?id=CVE-2025-15467 https://nvd.nist.gov/vuln/detail/CVE-2025-15467 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "7aI+wyLEqkIPj2Wh4f1UKg==": { "id": "7aI+wyLEqkIPj2Wh4f1UKg==", "updater": "rhel-vex", "name": "CVE-2026-40356", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40356 https://bugzilla.redhat.com/show_bug.cgi?id=2463368 https://www.cve.org/CVERecord?id=CVE-2026-40356 https://nvd.nist.gov/vuln/detail/CVE-2026-40356 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40356.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7eKrcl3YwGJqhWmZNbH7Eg==": { "id": "7eKrcl3YwGJqhWmZNbH7Eg==", "updater": "rhel-vex", "name": "CVE-2025-11187", "description": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11187 https://bugzilla.redhat.com/show_bug.cgi?id=2430375 https://www.cve.org/CVERecord?id=CVE-2025-11187 https://nvd.nist.gov/vuln/detail/CVE-2025-11187 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11187.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "8MfvwX+dRI6Qt2H+x71rZg==": { "id": "8MfvwX+dRI6Qt2H+x71rZg==", "updater": "rhel-vex", "name": "CVE-2025-15224", "description": "A flaw was found in libcurl. When doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15224 https://bugzilla.redhat.com/show_bug.cgi?id=2426410 https://www.cve.org/CVERecord?id=CVE-2025-15224 https://nvd.nist.gov/vuln/detail/CVE-2025-15224 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15224.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZCpE1M7eqNdy615aO2gLQ==": { "id": "8ZCpE1M7eqNdy615aO2gLQ==", "updater": "rhel-vex", "name": "CVE-2026-0992", "description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0992 https://bugzilla.redhat.com/show_bug.cgi?id=2429975 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://nvd.nist.gov/vuln/detail/CVE-2026-0992 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0992.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8kndQj/aRn+NNJdGVP9v4g==": { "id": "8kndQj/aRn+NNJdGVP9v4g==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9bjl4H6CMWLL3h1g5y6i9Q==": { "id": "9bjl4H6CMWLL3h1g5y6i9Q==", "updater": "rhel-vex", "name": "CVE-2026-5928", "description": "A flaw was found in glibc (GNU C Library). When the `ungetwc` function is called on a file stream using wide characters with specific overlapping single-byte and multi-byte encodings, it may attempt to read data outside of its allocated buffer. This can lead to the unintentional disclosure of sensitive information from memory or cause the program to crash, resulting in a denial of service.", "issued": "2026-04-20T20:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5928 https://bugzilla.redhat.com/show_bug.cgi?id=2459854 https://www.cve.org/CVERecord?id=CVE-2026-5928 https://nvd.nist.gov/vuln/detail/CVE-2026-5928 https://sourceware.org/bugzilla/show_bug.cgi?id=33998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5928.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9iigvnuYDaC8UzcOIDLjIQ==": { "id": "9iigvnuYDaC8UzcOIDLjIQ==", "updater": "rhel-vex", "name": "CVE-2026-24883", "description": "A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service (DoS), making the GnuPG application unavailable to legitimate users.", "issued": "2026-01-27T18:43:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24883 https://bugzilla.redhat.com/show_bug.cgi?id=2433463 https://www.cve.org/CVERecord?id=CVE-2026-24883 https://nvd.nist.gov/vuln/detail/CVE-2026-24883 https://dev.gnupg.org/T8049 https://www.openwall.com/lists/oss-security/2026/01/27/8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24883.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AD3UsMwxeXvBzVWIm5l5yw==": { "id": "AD3UsMwxeXvBzVWIm5l5yw==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AUiFITCnRjRxctzqqbDeeA==": { "id": "AUiFITCnRjRxctzqqbDeeA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Argl342WI7oZtgSo+p9kMA==": { "id": "Argl342WI7oZtgSo+p9kMA==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "AwYRRq6SmgfJLn2NZxQUdw==": { "id": "AwYRRq6SmgfJLn2NZxQUdw==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BheYJlsY7UG2Ru8eF1IU4g==": { "id": "BheYJlsY7UG2Ru8eF1IU4g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libmount", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "D7U85Qc3CYAscEzhSfT76A==": { "id": "D7U85Qc3CYAscEzhSfT76A==", "updater": "rhel-vex", "name": "CVE-2025-15467", "description": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.", "issued": "2026-01-27T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15467 https://bugzilla.redhat.com/show_bug.cgi?id=2430376 https://www.cve.org/CVERecord?id=CVE-2025-15467 https://nvd.nist.gov/vuln/detail/CVE-2025-15467 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "DDxCHnX+kCqcRQj9b90/cg==": { "id": "DDxCHnX+kCqcRQj9b90/cg==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DTApvRZh1HJD5XbbpU3ahw==": { "id": "DTApvRZh1HJD5XbbpU3ahw==", "updater": "rhel-vex", "name": "CVE-2026-1757", "description": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.", "issued": "2026-02-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1757 https://bugzilla.redhat.com/show_bug.cgi?id=2435940 https://www.cve.org/CVERecord?id=CVE-2026-1757 https://nvd.nist.gov/vuln/detail/CVE-2026-1757 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DrIVK8+yvV91OzF2CS9o5A==": { "id": "DrIVK8+yvV91OzF2CS9o5A==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json https://access.redhat.com/errata/RHSA-2025:22660", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.7", "arch_op": "pattern match" }, "Eh3WlvVSpgyvj1kaA5So7g==": { "id": "Eh3WlvVSpgyvj1kaA5So7g==", "updater": "rhel-vex", "name": "CVE-2025-13601", "description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "issued": "2025-11-24T13:00:15Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13601 https://bugzilla.redhat.com/show_bug.cgi?id=2416741 https://www.cve.org/CVERecord?id=CVE-2025-13601 https://nvd.nist.gov/vuln/detail/CVE-2025-13601 https://gitlab.gnome.org/GNOME/glib/-/issues/3827 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13601.json https://access.redhat.com/errata/RHSA-2026:0936", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.68.4-18.el9_7.1", "arch_op": "pattern match" }, "Ez8lHT2uV9Tf9vJC/T4WXg==": { "id": "Ez8lHT2uV9Tf9vJC/T4WXg==", "updater": "rhel-vex", "name": "CVE-2026-4426", "description": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4426 https://bugzilla.redhat.com/show_bug.cgi?id=2449010 https://www.cve.org/CVERecord?id=CVE-2026-4426 https://nvd.nist.gov/vuln/detail/CVE-2026-4426 https://github.com/libarchive/libarchive/pull/2897 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4426.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "F4WBuBnk4OQIl1a5Q4CVPg==": { "id": "F4WBuBnk4OQIl1a5Q4CVPg==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FLpBF1y0CvCfFuXOmlaRZw==": { "id": "FLpBF1y0CvCfFuXOmlaRZw==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json https://access.redhat.com/errata/RHSA-2025:22376", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.13-14.el9_7", "arch_op": "pattern match" }, "FQwXyPZ+oHyxQZ9RBQXbpw==": { "id": "FQwXyPZ+oHyxQZ9RBQXbpw==", "updater": "rhel-vex", "name": "CVE-2025-13034", "description": "A flaw was found in curl. When configured to use public key pinning with QUIC connections and GnuTLS, and with standard certificate verification explicitly disabled, curl could bypass the intended public key check. This oversight allows a malicious server to impersonate a legitimate one, potentially leading to unauthorized access or information disclosure due to a failure in verifying the server's identity.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13034 https://bugzilla.redhat.com/show_bug.cgi?id=2426406 https://www.cve.org/CVERecord?id=CVE-2025-13034 https://nvd.nist.gov/vuln/detail/CVE-2025-13034 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13034.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GAn7gWUe2pFr7PbwechqxA==": { "id": "GAn7gWUe2pFr7PbwechqxA==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GWKQvGJTKzyU9GiQECoFhg==": { "id": "GWKQvGJTKzyU9GiQECoFhg==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "HxI42iSjURjRki+uV6q/9w==": { "id": "HxI42iSjURjRki+uV6q/9w==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Ie7rkr8oApZOM9PK2gFB6A==": { "id": "Ie7rkr8oApZOM9PK2gFB6A==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IrRjtVOpf04EO7iAKFAznQ==": { "id": "IrRjtVOpf04EO7iAKFAznQ==", "updater": "rhel-vex", "name": "CVE-2026-0915", "description": "A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system's `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.", "issued": "2026-01-15T22:08:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0915 https://bugzilla.redhat.com/show_bug.cgi?id=2430201 https://www.cve.org/CVERecord?id=CVE-2026-0915 https://nvd.nist.gov/vuln/detail/CVE-2026-0915 https://sourceware.org/bugzilla/show_bug.cgi?id=33802 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0915.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "Iy2V+5RC7ENxxmnS9KdBOw==": { "id": "Iy2V+5RC7ENxxmnS9KdBOw==", "updater": "rhel-vex", "name": "CVE-2026-0915", "description": "A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system's `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.", "issued": "2026-01-15T22:08:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0915 https://bugzilla.redhat.com/show_bug.cgi?id=2430201 https://www.cve.org/CVERecord?id=CVE-2026-0915 https://nvd.nist.gov/vuln/detail/CVE-2026-0915 https://sourceware.org/bugzilla/show_bug.cgi?id=33802 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0915.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "JK4fCJz1Ja5lmfE/vF5PcQ==": { "id": "JK4fCJz1Ja5lmfE/vF5PcQ==", "updater": "rhel-vex", "name": "CVE-2025-66199", "description": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66199 https://bugzilla.redhat.com/show_bug.cgi?id=2430379 https://www.cve.org/CVERecord?id=CVE-2025-66199 https://nvd.nist.gov/vuln/detail/CVE-2025-66199 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66199.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "JqWXvYyB4T300h7KRcWtFA==": { "id": "JqWXvYyB4T300h7KRcWtFA==", "updater": "rhel-vex", "name": "CVE-2025-13601", "description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "issued": "2025-11-24T13:00:15Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13601 https://bugzilla.redhat.com/show_bug.cgi?id=2416741 https://www.cve.org/CVERecord?id=CVE-2025-13601 https://nvd.nist.gov/vuln/detail/CVE-2025-13601 https://gitlab.gnome.org/GNOME/glib/-/issues/3827 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13601.json https://access.redhat.com/errata/RHSA-2026:0936", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.68.4-18.el9_7.1", "arch_op": "pattern match" }, "Jrkns8qeStFRPhcitcuZ4w==": { "id": "Jrkns8qeStFRPhcitcuZ4w==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "KCgZ2MK707GRfjAO2Q3SOA==": { "id": "KCgZ2MK707GRfjAO2Q3SOA==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "KMGV9rbVZ/vVUNSX6f+JqA==": { "id": "KMGV9rbVZ/vVUNSX6f+JqA==", "updater": "rhel-vex", "name": "CVE-2026-4111", "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.", "issued": "2026-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://www.cve.org/CVERecord?id=CVE-2026-4111 https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://github.com/libarchive/libarchive/pull/2877 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4111.json https://access.redhat.com/errata/RHSA-2026:5080", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-7.el9_7", "arch_op": "pattern match" }, "Kqq2xlybjD/tOLmQWu2xPw==": { "id": "Kqq2xlybjD/tOLmQWu2xPw==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L1pkWyFlg006sdV2pKTg4A==": { "id": "L1pkWyFlg006sdV2pKTg4A==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-fips-provider", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LeWRqc+lggRL8KnG53e6CA==": { "id": "LeWRqc+lggRL8KnG53e6CA==", "updater": "rhel-vex", "name": "CVE-2025-6965", "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "issued": "2025-07-15T13:44:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6965 https://bugzilla.redhat.com/show_bug.cgi?id=2380149 https://www.cve.org/CVERecord?id=CVE-2025-6965 https://nvd.nist.gov/vuln/detail/CVE-2025-6965 https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6965.json https://access.redhat.com/errata/RHSA-2025:20936", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.34.1-9.el9_7", "arch_op": "pattern match" }, "Lhc4n2a9ma6eRDB/RCRmLQ==": { "id": "Lhc4n2a9ma6eRDB/RCRmLQ==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "LuirMfnv2JkWFEU8MUuKUQ==": { "id": "LuirMfnv2JkWFEU8MUuKUQ==", "updater": "rhel-vex", "name": "CVE-2025-13151", "description": "A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the `asn1_expend_octet_string` function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service (DoS) condition, making the affected system or application unavailable.", "issued": "2026-01-07T21:14:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13151 https://bugzilla.redhat.com/show_bug.cgi?id=2427698 https://www.cve.org/CVERecord?id=CVE-2025-13151 https://nvd.nist.gov/vuln/detail/CVE-2025-13151 https://gitlab.com/gnutls/libtasn1 https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13151.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LxYgcRll4fEnbCHHZWt4BA==": { "id": "LxYgcRll4fEnbCHHZWt4BA==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "M293c+QguJ/aaYP3cMwfyQ==": { "id": "M293c+QguJ/aaYP3cMwfyQ==", "updater": "rhel-vex", "name": "CVE-2026-28388", "description": "A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28388 https://bugzilla.redhat.com/show_bug.cgi?id=2451097 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28388.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MT27FBW6q+x91HBvTyGVKQ==": { "id": "MT27FBW6q+x91HBvTyGVKQ==", "updater": "rhel-vex", "name": "CVE-2026-4046", "description": "A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the `iconv()` function. This could lead to an assertion failure, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-30T17:16:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4046 https://bugzilla.redhat.com/show_bug.cgi?id=2453117 https://www.cve.org/CVERecord?id=CVE-2026-4046 https://nvd.nist.gov/vuln/detail/CVE-2026-4046 https://packages.fedoraproject.org/pkgs/glibc/glibc-gconv-extra/ https://sourceware.org/bugzilla/show_bug.cgi?id=33980 https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4046.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "N7otM4CJgwQwy0Mz0UA3Vw==": { "id": "N7otM4CJgwQwy0Mz0UA3Vw==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "NrTzMmbWyM5UeSvnQVNLOg==": { "id": "NrTzMmbWyM5UeSvnQVNLOg==", "updater": "rhel-vex", "name": "CVE-2026-0988", "description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://www.cve.org/CVERecord?id=CVE-2026-0988 https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://gitlab.gnome.org/GNOME/glib/-/issues/3851 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0988.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OB9n4NdBrq+3wlcM9+90Dg==": { "id": "OB9n4NdBrq+3wlcM9+90Dg==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "PUCpgzV2LGcCb5yPJbawGw==": { "id": "PUCpgzV2LGcCb5yPJbawGw==", "updater": "rhel-vex", "name": "CVE-2025-68973", "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", "issued": "2025-12-28T16:19:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68973 https://bugzilla.redhat.com/show_bug.cgi?id=2425966 https://www.cve.org/CVERecord?id=CVE-2025-68973 https://nvd.nist.gov/vuln/detail/CVE-2025-68973 https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 https://gpg.fail/memcpy https://news.ycombinator.com/item?id=46403200 https://www.openwall.com/lists/oss-security/2025/12/28/5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68973.json https://access.redhat.com/errata/RHSA-2026:0719", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.3.3-5.el9_7", "arch_op": "pattern match" }, "PrCrIesi0sSvMQjPpvxecw==": { "id": "PrCrIesi0sSvMQjPpvxecw==", "updater": "rhel-vex", "name": "CVE-2025-14512", "description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14512 https://bugzilla.redhat.com/show_bug.cgi?id=2421339 https://www.cve.org/CVERecord?id=CVE-2025-14512 https://nvd.nist.gov/vuln/detail/CVE-2025-14512 https://gitlab.gnome.org/GNOME/glib/-/issues/3845 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14512.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Pza9Y2xtH9MChVMkZwgw2A==": { "id": "Pza9Y2xtH9MChVMkZwgw2A==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q6o565VsHFcmyuOW6jCOGw==": { "id": "Q6o565VsHFcmyuOW6jCOGw==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "QSP4YGVknCXnnhDrDAxftg==": { "id": "QSP4YGVknCXnnhDrDAxftg==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json https://access.redhat.com/errata/RHSA-2025:22660", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.7", "arch_op": "pattern match" }, "Qbjoqw6Ot3cGOKNyQYBo4g==": { "id": "Qbjoqw6Ot3cGOKNyQYBo4g==", "updater": "rhel-vex", "name": "CVE-2025-14087", "description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093 https://www.cve.org/CVERecord?id=CVE-2025-14087 https://nvd.nist.gov/vuln/detail/CVE-2025-14087 https://gitlab.gnome.org/GNOME/glib/-/issues/3834 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14087.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QskDoDnTSvrQeDXklM4YOw==": { "id": "QskDoDnTSvrQeDXklM4YOw==", "updater": "rhel-vex", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "2026-03-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4105 https://bugzilla.redhat.com/show_bug.cgi?id=2447262 https://www.cve.org/CVERecord?id=CVE-2026-4105 https://nvd.nist.gov/vuln/detail/CVE-2026-4105 https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4105.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RHShqbO2hqcBNPYbKDg/3A==": { "id": "RHShqbO2hqcBNPYbKDg/3A==", "updater": "rhel-vex", "name": "CVE-2026-6732", "description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.", "issued": "2026-04-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6732 https://bugzilla.redhat.com/show_bug.cgi?id=2461300 https://www.cve.org/CVERecord?id=CVE-2026-6732 https://nvd.nist.gov/vuln/detail/CVE-2026-6732 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1097 https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6732.json", "severity": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S5Dzz9cigoJDCj8s5UcT0g==": { "id": "S5Dzz9cigoJDCj8s5UcT0g==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SYSyRuW2vXdWcXLSfRP1aQ==": { "id": "SYSyRuW2vXdWcXLSfRP1aQ==", "updater": "rhel-vex", "name": "CVE-2025-15281", "description": "A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.", "issued": "2026-01-20T13:22:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15281 https://bugzilla.redhat.com/show_bug.cgi?id=2431196 https://www.cve.org/CVERecord?id=CVE-2025-15281 https://nvd.nist.gov/vuln/detail/CVE-2025-15281 https://sourceware.org/bugzilla/show_bug.cgi?id=33814 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15281.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "T+jfDhqJcXwVQ38oWEz/6g==": { "id": "T+jfDhqJcXwVQ38oWEz/6g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libsmartcols", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "TccjTp2Y8sTyWrjrm24IKA==": { "id": "TccjTp2Y8sTyWrjrm24IKA==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libmount", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "TwoNniaY2Urt7TF64epJXg==": { "id": "TwoNniaY2Urt7TF64epJXg==", "updater": "rhel-vex", "name": "CVE-2026-31790", "description": "A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without proper validation. Consequently, the application might send the contents of an uninitialized memory buffer, which could contain confidential information, to the attacker.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31790 https://bugzilla.redhat.com/show_bug.cgi?id=2451094 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31790.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VWEbeFnFOHy1IkG21b5a5g==": { "id": "VWEbeFnFOHy1IkG21b5a5g==", "updater": "rhel-vex", "name": "CVE-2023-30571", "description": "A vulnerability was found in libarchive. This issue can cause a race condition in a multi-threaded use of archive_write_disk_header() on posix based systems, which could allow implicit directory creation with permissions 777, without sticky bit, which means any low privileged user on the system can delete and rename files inside those directories.", "issued": "2023-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-30571 https://bugzilla.redhat.com/show_bug.cgi?id=2210921 https://www.cve.org/CVERecord?id=CVE-2023-30571 https://nvd.nist.gov/vuln/detail/CVE-2023-30571 https://access.redhat.com/solutions/7033331 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-30571.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VYGbkY0i6P3tRJd9mM1wNg==": { "id": "VYGbkY0i6P3tRJd9mM1wNg==", "updater": "rhel-vex", "name": "CVE-2026-1489", "description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1489 https://bugzilla.redhat.com/show_bug.cgi?id=2433348 https://www.cve.org/CVERecord?id=CVE-2026-1489 https://nvd.nist.gov/vuln/detail/CVE-2026-1489 https://gitlab.gnome.org/GNOME/glib/-/issues/3872 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1489.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VzbOWZs6Sa8zFH+GQEnasQ==": { "id": "VzbOWZs6Sa8zFH+GQEnasQ==", "updater": "rhel-vex", "name": "CVE-2026-4878", "description": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.", "issued": "2026-04-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2451615 https://www.cve.org/CVERecord?id=CVE-2026-4878 https://nvd.nist.gov/vuln/detail/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2447554 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libcap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WP0Zjo/ORuC7+jbSIrru8A==": { "id": "WP0Zjo/ORuC7+jbSIrru8A==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "WVv0x6iWhzRgZZTPZ190Ng==": { "id": "WVv0x6iWhzRgZZTPZ190Ng==", "updater": "rhel-vex", "name": "CVE-2026-28386", "description": "A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequent page is unmapped. This can lead to an out-of-bounds read of up to 15 bytes and a potential application crash.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28386 https://bugzilla.redhat.com/show_bug.cgi?id=2451099 https://www.cve.org/CVERecord?id=CVE-2026-28386 https://nvd.nist.gov/vuln/detail/CVE-2026-28386 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28386.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WxO9le6q4ACTs4KnSuckDw==": { "id": "WxO9le6q4ACTs4KnSuckDw==", "updater": "rhel-vex", "name": "CVE-2024-56433", "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "issued": "2024-12-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56433 https://bugzilla.redhat.com/show_bug.cgi?id=2334165 https://www.cve.org/CVERecord?id=CVE-2024-56433 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56433.json https://access.redhat.com/errata/RHSA-2025:20559", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "2:4.9-15.el9", "arch_op": "pattern match" }, "X7DmUVoCri5i6vdYVBBgXg==": { "id": "X7DmUVoCri5i6vdYVBBgXg==", "updater": "rhel-vex", "name": "CVE-2026-1965", "description": "A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the authentication of a previous user, leading to an authentication bypass.", "issued": "2026-03-11T10:08:52Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1965 https://bugzilla.redhat.com/show_bug.cgi?id=2446448 https://www.cve.org/CVERecord?id=CVE-2026-1965 https://nvd.nist.gov/vuln/detail/CVE-2026-1965 https://curl.se/docs/CVE-2026-1965.html https://curl.se/docs/CVE-2026-1965.json https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1965.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XPUXyp+BOEJyEGOgXafi8Q==": { "id": "XPUXyp+BOEJyEGOgXafi8Q==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in libiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XdzUGUJMTsfPfs79OXKU4Q==": { "id": "XdzUGUJMTsfPfs79OXKU4Q==", "updater": "rhel-vex", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "2026-02-09T14:26:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14831 https://bugzilla.redhat.com/show_bug.cgi?id=2423177 https://www.cve.org/CVERecord?id=CVE-2025-14831 https://nvd.nist.gov/vuln/detail/CVE-2025-14831 https://gitlab.com/gnutls/gnutls/-/issues/1773 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14831.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "YIlv6HIDfGqvZL/MDTWWpg==": { "id": "YIlv6HIDfGqvZL/MDTWWpg==", "updater": "rhel-vex", "name": "CVE-2026-3805", "description": "A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.", "issued": "2026-03-11T10:09:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3805 https://bugzilla.redhat.com/show_bug.cgi?id=2446451 https://www.cve.org/CVERecord?id=CVE-2026-3805 https://nvd.nist.gov/vuln/detail/CVE-2026-3805 http://www.openwall.com/lists/oss-security/2026/03/11/4 https://curl.se/docs/CVE-2026-3805.html https://curl.se/docs/CVE-2026-3805.json https://hackerone.com/reports/3591944 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3805.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YX2rGofSXHBcNhTOGpNkAA==": { "id": "YX2rGofSXHBcNhTOGpNkAA==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "YtNpM5pykErH+UBXZABWdg==": { "id": "YtNpM5pykErH+UBXZABWdg==", "updater": "rhel-vex", "name": "CVE-2026-28390", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T22:00:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28390.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a9FllBAJiFi5FeYl0KG4aQ==": { "id": "a9FllBAJiFi5FeYl0KG4aQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "aOUfuyvyyWEe7Z1IZT+fGw==": { "id": "aOUfuyvyyWEe7Z1IZT+fGw==", "updater": "rhel-vex", "name": "CVE-2026-34743", "description": "A flaw was found in XZ Utils. When the `lzma_index_decoder()` function processes an empty index, and a subsequent `lzma_index_append()` operation is performed, insufficient memory is allocated. This can lead to a buffer overflow, potentially causing a denial of service (DoS) for affected systems.", "issued": "2026-04-02T18:36:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34743 https://bugzilla.redhat.com/show_bug.cgi?id=2454589 https://www.cve.org/CVERecord?id=CVE-2026-34743 https://nvd.nist.gov/vuln/detail/CVE-2026-34743 https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87 https://github.com/tukaani-project/xz/releases/tag/v5.8.3 https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34743.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "xz", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "bOC69k4Gpn8Av1w/ra2Tdw==": { "id": "bOC69k4Gpn8Av1w/ra2Tdw==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libuuid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "bgJs7DKkcMwNTsh9yTDgQg==": { "id": "bgJs7DKkcMwNTsh9yTDgQg==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libblkid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "bjyLMZdYnkrpUxDySiQ34Q==": { "id": "bjyLMZdYnkrpUxDySiQ34Q==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "bugTfOdgCaATW4vTnuXTSQ==": { "id": "bugTfOdgCaATW4vTnuXTSQ==", "updater": "rhel-vex", "name": "CVE-2025-70873", "description": "A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.", "issued": "2026-03-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-70873 https://bugzilla.redhat.com/show_bug.cgi?id=2447086 https://www.cve.org/CVERecord?id=CVE-2025-70873 https://nvd.nist.gov/vuln/detail/CVE-2025-70873 https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054 https://sqlite.org/forum/forumpost/761eac3c82 https://sqlite.org/src/info/3d459f1fb1bd1b5e https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-70873.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "d/522T+B/ARMNSG+3QfAWA==": { "id": "d/522T+B/ARMNSG+3QfAWA==", "updater": "rhel-vex", "name": "CVE-2026-22185", "description": "A flaw was found in OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load. When processing malformed input, a local attacker can exploit a heap buffer underflow vulnerability in the readline() function. This can lead to an out-of-bounds read, potentially causing a denial of service (DoS) and limited disclosure of heap memory contents.", "issued": "2026-01-07T20:26:30Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22185 https://bugzilla.redhat.com/show_bug.cgi?id=2427679 https://www.cve.org/CVERecord?id=CVE-2026-22185 https://nvd.nist.gov/vuln/detail/CVE-2026-22185 https://seclists.org/fulldisclosure/2026/Jan/5 https://seclists.org/fulldisclosure/2026/Jan/8 https://www.openldap.org/ https://www.vulncheck.com/advisories/openldap-lmdb-mdb-load-heap-buffer-underflow-in-readline https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22185.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openldap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e/EuZlSZUQTHCSl8kHuFag==": { "id": "e/EuZlSZUQTHCSl8kHuFag==", "updater": "rhel-vex", "name": "CVE-2025-11187", "description": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11187 https://bugzilla.redhat.com/show_bug.cgi?id=2430375 https://www.cve.org/CVERecord?id=CVE-2025-11187 https://nvd.nist.gov/vuln/detail/CVE-2025-11187 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11187.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "e0/Fzu8wfMZp9zX32i9rMQ==": { "id": "e0/Fzu8wfMZp9zX32i9rMQ==", "updater": "rhel-vex", "name": "CVE-2026-27456", "description": "A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the `mount` program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use (TOCTOU) window where an attacker can substitute the intended file with a malicious symbolic link. This allows a local unprivileged user to mount any root-owned file or block device that contains a valid filesystem, gaining full read access to its contents.", "issued": "2026-04-03T21:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27456 https://bugzilla.redhat.com/show_bug.cgi?id=2454956 https://www.cve.org/CVERecord?id=CVE-2026-27456 https://nvd.nist.gov/vuln/detail/CVE-2026-27456 https://github.com/util-linux/util-linux/commit/5e390467b26a3cf3fecc04e1a0d482dff3162fc4 https://github.com/util-linux/util-linux/releases/tag/v2.41.4 https://github.com/util-linux/util-linux/security/advisories/GHSA-qq4x-vfq4-9h9g https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27456.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e0VfCD1REapdkagkByCnXQ==": { "id": "e0VfCD1REapdkagkByCnXQ==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eUh0vSDVmqXTnsB7jL0b4g==": { "id": "eUh0vSDVmqXTnsB7jL0b4g==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "f6oGdnhZomBa/bs3snB3kA==": { "id": "f6oGdnhZomBa/bs3snB3kA==", "updater": "rhel-vex", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "2026-02-09T14:26:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14831 https://bugzilla.redhat.com/show_bug.cgi?id=2423177 https://www.cve.org/CVERecord?id=CVE-2025-14831 https://nvd.nist.gov/vuln/detail/CVE-2025-14831 https://gitlab.com/gnutls/gnutls/-/issues/1773 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14831.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "fFM0zIKtKuexRqlZMkzQpg==": { "id": "fFM0zIKtKuexRqlZMkzQpg==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "g6ZHihkpvpkr3oZoVOs05w==": { "id": "g6ZHihkpvpkr3oZoVOs05w==", "updater": "rhel-vex", "name": "CVE-2025-6965", "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "issued": "2025-07-15T13:44:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6965 https://bugzilla.redhat.com/show_bug.cgi?id=2380149 https://www.cve.org/CVERecord?id=CVE-2025-6965 https://nvd.nist.gov/vuln/detail/CVE-2025-6965 https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6965.json https://access.redhat.com/errata/RHSA-2025:20936", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.34.1-9.el9_7", "arch_op": "pattern match" }, "hHDtCxiuvJ9VSCSwnEG0Fw==": { "id": "hHDtCxiuvJ9VSCSwnEG0Fw==", "updater": "rhel-vex", "name": "CVE-2026-27135", "description": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).", "issued": "2026-03-18T17:59:02Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27135 https://bugzilla.redhat.com/show_bug.cgi?id=2448754 https://www.cve.org/CVERecord?id=CVE-2026-27135 https://nvd.nist.gov/vuln/detail/CVE-2026-27135 https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27135.json https://access.redhat.com/errata/RHSA-2026:7668", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libnghttp2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.43.0-6.el9_7.1", "arch_op": "pattern match" }, "iF/o4aDbQf1DAw7R+LiVQw==": { "id": "iF/o4aDbQf1DAw7R+LiVQw==", "updater": "rhel-vex", "name": "CVE-2025-68972", "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", "issued": "2025-12-27T22:52:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68972 https://bugzilla.redhat.com/show_bug.cgi?id=2425646 https://www.cve.org/CVERecord?id=CVE-2025-68972 https://nvd.nist.gov/vuln/detail/CVE-2025-68972 https://gpg.fail/formfeed https://news.ycombinator.com/item?id=46404339 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68972.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ija3h8P09PxwjEuLSUS2HA==": { "id": "ija3h8P09PxwjEuLSUS2HA==", "updater": "rhel-vex", "name": "CVE-2026-4438", "description": "A flaw was found in the GNU C library (glibc). When applications use the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.", "issued": "2026-03-20T19:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4438 https://bugzilla.redhat.com/show_bug.cgi?id=2449783 https://www.cve.org/CVERecord?id=CVE-2026-4438 https://nvd.nist.gov/vuln/detail/CVE-2026-4438 https://sourceware.org/bugzilla/show_bug.cgi?id=34015 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4438.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ixD2h349uZz3eCy55KxIlw==": { "id": "ixD2h349uZz3eCy55KxIlw==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "ixc06f0H9vqMfsbwQSwwvA==": { "id": "ixc06f0H9vqMfsbwQSwwvA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j/vFtwZCr4ow5q2VPKgR9g==": { "id": "j/vFtwZCr4ow5q2VPKgR9g==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "jiVVTQmOtKqVixv7agF/Hg==": { "id": "jiVVTQmOtKqVixv7agF/Hg==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "klH60uFrR0WkawaSlcOEKg==": { "id": "klH60uFrR0WkawaSlcOEKg==", "updater": "rhel-vex", "name": "CVE-2026-1484", "description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259 https://www.cve.org/CVERecord?id=CVE-2026-1484 https://nvd.nist.gov/vuln/detail/CVE-2026-1484 https://gitlab.gnome.org/GNOME/glib/-/issues/3870 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1484.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "l1pK1ezh6e0g8I+Dp2iK7w==": { "id": "l1pK1ezh6e0g8I+Dp2iK7w==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "l6IrI73Pg+lrisEtcgX+0Q==": { "id": "l6IrI73Pg+lrisEtcgX+0Q==", "updater": "rhel-vex", "name": "CVE-2026-3784", "description": "A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker gaining unauthorized access to resources or information intended for a different user.", "issued": "2026-03-11T10:09:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3784 https://bugzilla.redhat.com/show_bug.cgi?id=2446449 https://www.cve.org/CVERecord?id=CVE-2026-3784 https://nvd.nist.gov/vuln/detail/CVE-2026-3784 http://www.openwall.com/lists/oss-security/2026/03/11/3 https://curl.se/docs/CVE-2026-3784.html https://curl.se/docs/CVE-2026-3784.json https://hackerone.com/reports/3584903 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3784.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lQBARBTddFvexevUD04GZA==": { "id": "lQBARBTddFvexevUD04GZA==", "updater": "rhel-vex", "name": "CVE-2026-5745", "description": "A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare \"d\" or \"default\" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5745 https://bugzilla.redhat.com/show_bug.cgi?id=2455921 https://www.cve.org/CVERecord?id=CVE-2026-5745 https://nvd.nist.gov/vuln/detail/CVE-2026-5745 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5745.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lppk3oI+Rm/KVCEYBGVKcg==": { "id": "lppk3oI+Rm/KVCEYBGVKcg==", "updater": "rhel-vex", "name": "CVE-2026-40355", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40355 https://bugzilla.redhat.com/show_bug.cgi?id=2463370 https://www.cve.org/CVERecord?id=CVE-2026-40355 https://nvd.nist.gov/vuln/detail/CVE-2026-40355 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40355.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mJw+LvAbCoVMIOZXCXNFpg==": { "id": "mJw+LvAbCoVMIOZXCXNFpg==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mYgwcPpa/l0bTZdysqbplg==": { "id": "mYgwcPpa/l0bTZdysqbplg==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json https://access.redhat.com/errata/RHSA-2025:22376", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.13-14.el9_7", "arch_op": "pattern match" }, "mZCCwO//htsOIXazj/SeOw==": { "id": "mZCCwO//htsOIXazj/SeOw==", "updater": "rhel-vex", "name": "CVE-2026-31789", "description": "A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31789 https://bugzilla.redhat.com/show_bug.cgi?id=2451095 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31789.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ncqqUTuMttuUZ8SF9/Ywrg==": { "id": "ncqqUTuMttuUZ8SF9/Ywrg==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "oqSc7q4k6wTno/u9knscCQ==": { "id": "oqSc7q4k6wTno/u9knscCQ==", "updater": "rhel-vex", "name": "CVE-2024-9681", "description": "A vulnerability was found in curl. When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than intended.", "issued": "2024-11-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9681 https://bugzilla.redhat.com/show_bug.cgi?id=2322969 https://www.cve.org/CVERecord?id=CVE-2024-9681 https://nvd.nist.gov/vuln/detail/CVE-2024-9681 https://hackerone.com/reports/2764830 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9681.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qFIYjZJeFnLAVC7lR0n6oQ==": { "id": "qFIYjZJeFnLAVC7lR0n6oQ==", "updater": "rhel-vex", "name": "CVE-2026-0989", "description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0989 https://bugzilla.redhat.com/show_bug.cgi?id=2429933 https://www.cve.org/CVERecord?id=CVE-2026-0989 https://nvd.nist.gov/vuln/detail/CVE-2026-0989 https://gitlab.gnome.org/GNOME/libxml2/-/issues/998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0989.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rz/CPeG1fPitayrSa0BFxQ==": { "id": "rz/CPeG1fPitayrSa0BFxQ==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "sJNoOKrtqJYf9M2tWcTlqg==": { "id": "sJNoOKrtqJYf9M2tWcTlqg==", "updater": "rhel-vex", "name": "CVE-2025-15281", "description": "A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.", "issued": "2026-01-20T13:22:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15281 https://bugzilla.redhat.com/show_bug.cgi?id=2431196 https://www.cve.org/CVERecord?id=CVE-2025-15281 https://nvd.nist.gov/vuln/detail/CVE-2025-15281 https://sourceware.org/bugzilla/show_bug.cgi?id=33814 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15281.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "smB1yCGhBb8gDhPAER7odg==": { "id": "smB1yCGhBb8gDhPAER7odg==", "updater": "rhel-vex", "name": "CVE-2025-14524", "description": "A flaw was found in curl. When an OAuth2 (Open Authorization) bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a different scheme like IMAP, LDAP, POP3, or SMTP, curl might incorrectly pass the bearer token to the new target host. This could lead to information disclosure, where sensitive authentication tokens are exposed to unintended recipients.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14524 https://bugzilla.redhat.com/show_bug.cgi?id=2426407 https://www.cve.org/CVERecord?id=CVE-2025-14524 https://nvd.nist.gov/vuln/detail/CVE-2025-14524 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14524.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "svCt47J2Zwa45xj8gn3U/w==": { "id": "svCt47J2Zwa45xj8gn3U/w==", "updater": "rhel-vex", "name": "CVE-2026-1485", "description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1485 https://bugzilla.redhat.com/show_bug.cgi?id=2433325 https://www.cve.org/CVERecord?id=CVE-2026-1485 https://nvd.nist.gov/vuln/detail/CVE-2026-1485 https://gitlab.gnome.org/GNOME/glib/-/issues/3871 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1485.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sykv+pGN4TXggZNIwL/H4g==": { "id": "sykv+pGN4TXggZNIwL/H4g==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tbhLz74i3ShwS72WbIsoOA==": { "id": "tbhLz74i3ShwS72WbIsoOA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u0cs09LPRVEEfen4PHM6gA==": { "id": "u0cs09LPRVEEfen4PHM6gA==", "updater": "rhel-vex", "name": "CVE-2026-0990", "description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0990 https://bugzilla.redhat.com/show_bug.cgi?id=2429959 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://nvd.nist.gov/vuln/detail/CVE-2026-0990 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0990.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u90uEyQ6vxfKeIQvjGNTHQ==": { "id": "u90uEyQ6vxfKeIQvjGNTHQ==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "uWz4SaM79VpO4EPAy+0C8g==": { "id": "uWz4SaM79VpO4EPAy+0C8g==", "updater": "rhel-vex", "name": "CVE-2026-5435", "description": "A flaw was found in glibc, the GNU C Library. Specifically, deprecated functions responsible for printing TSIG (Transaction Signature) records fail to properly manage memory buffers. This oversight can lead to an out-of-bounds write when processing specially crafted TSIG records. An attacker could exploit this to cause a denial of service or potentially execute arbitrary code.", "issued": "2026-04-28T11:58:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5435 https://bugzilla.redhat.com/show_bug.cgi?id=2463465 https://www.cve.org/CVERecord?id=CVE-2026-5435 https://nvd.nist.gov/vuln/detail/CVE-2026-5435 https://inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/#u https://sourceware.org/bugzilla/show_bug.cgi?id=34033 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5435.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uaetuJImncB6wudykQLpEA==": { "id": "uaetuJImncB6wudykQLpEA==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior. This bug does not compromise the integrity or availability of the base system.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uu3d3lIlYVCZwOjqoNec3g==": { "id": "uu3d3lIlYVCZwOjqoNec3g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libblkid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "vQmd/px1n2vUjUceHOjVLA==": { "id": "vQmd/px1n2vUjUceHOjVLA==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vtpIIEEoAREfzDi0+K26Fg==": { "id": "vtpIIEEoAREfzDi0+K26Fg==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "xxrOMZzPk7ETmnvrIjBo0A==": { "id": "xxrOMZzPk7ETmnvrIjBo0A==", "updater": "rhel-vex", "name": "CVE-2025-60753", "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", "issued": "2025-11-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-60753 https://bugzilla.redhat.com/show_bug.cgi?id=2412648 https://www.cve.org/CVERecord?id=CVE-2025-60753 https://nvd.nist.gov/vuln/detail/CVE-2025-60753 https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753 https://github.com/libarchive/libarchive/issues/2725 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-60753.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "y/3qWQj3xOUQpm2CUr+ftg==": { "id": "y/3qWQj3xOUQpm2CUr+ftg==", "updater": "rhel-vex", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "2025-11-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9820 https://bugzilla.redhat.com/show_bug.cgi?id=2392528 https://www.cve.org/CVERecord?id=CVE-2025-9820 https://nvd.nist.gov/vuln/detail/CVE-2025-9820 https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5 https://gitlab.com/gnutls/gnutls/-/issues/1732 https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9820.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "y7I268PAr74OoToX85XE8w==": { "id": "y7I268PAr74OoToX85XE8w==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "yUucg71orzE08FiDgaKBPQ==": { "id": "yUucg71orzE08FiDgaKBPQ==", "updater": "rhel-vex", "name": "CVE-2025-9230", "description": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://www.cve.org/CVERecord?id=CVE-2025-9230 https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json https://access.redhat.com/errata/RHSA-2025:21255", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-4.el9_7", "arch_op": "pattern match" }, "ymKqobod4xPivmLT/iq9oQ==": { "id": "ymKqobod4xPivmLT/iq9oQ==", "updater": "rhel-vex", "name": "CVE-2026-41990", "description": "A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a bounds check when writing to a static array. While the data involved is not directly controlled by an attacker, this vulnerability could lead to memory corruption, potentially resulting in a denial of service (DoS) or affecting data integrity.", "issued": "2026-04-23T04:39:04Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41990 https://bugzilla.redhat.com/show_bug.cgi?id=2461068 https://www.cve.org/CVERecord?id=CVE-2026-41990 https://nvd.nist.gov/vuln/detail/CVE-2026-41990 https://dev.gnupg.org/T8208 https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.html https://www.openwall.com/lists/oss-security/2026/04/21/1 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41990.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yzZzF1vLZmeTiLJMgY7W0Q==": { "id": "yzZzF1vLZmeTiLJMgY7W0Q==", "updater": "rhel-vex", "name": "CVE-2025-7039", "description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "issued": "2025-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-7039 https://bugzilla.redhat.com/show_bug.cgi?id=2392423 https://www.cve.org/CVERecord?id=CVE-2025-7039 https://nvd.nist.gov/vuln/detail/CVE-2025-7039 https://gitlab.gnome.org/GNOME/glib/-/issues/3716 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-7039.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "z/beWyrkyrQJfgGCkMIsWg==": { "id": "z/beWyrkyrQJfgGCkMIsWg==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libsmartcols", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "zmNQpHydwXFAJmLcFFYiyQ==": { "id": "zmNQpHydwXFAJmLcFFYiyQ==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libuuid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "znnZtQrOfSxqGV/OZKzI5g==": { "id": "znnZtQrOfSxqGV/OZKzI5g==", "updater": "rhel-vex", "name": "CVE-2026-4111", "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.", "issued": "2026-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://www.cve.org/CVERecord?id=CVE-2026-4111 https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://github.com/libarchive/libarchive/pull/2877 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4111.json https://access.redhat.com/errata/RHSA-2026:5080", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-7.el9_7", "arch_op": "pattern match" }, "zqGJegkbTlVqcHBa6HtRTQ==": { "id": "zqGJegkbTlVqcHBa6HtRTQ==", "updater": "rhel-vex", "name": "CVE-2025-14017", "description": "A flaw was found in curl. When performing multi-threaded LDAPS (Lightweight Directory Access Protocol Secure) transfers, changes to Transport Layer Security (TLS) options in one thread could inadvertently apply globally, affecting other concurrent transfers. This could lead to unintended security posture changes, such as disabling certificate verification for other threads. This vulnerability can result in a security bypass, where expected security checks are not performed.", "issued": "2026-01-08T10:07:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14017 https://bugzilla.redhat.com/show_bug.cgi?id=2427870 https://www.cve.org/CVERecord?id=CVE-2025-14017 https://nvd.nist.gov/vuln/detail/CVE-2025-14017 https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14017.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" } }, "package_vulnerabilities": { "+bwl6UbMaWOBWdHNekJsEw==": [ "AD3UsMwxeXvBzVWIm5l5yw==" ], "/L1kFEoHZTukrNTCQLypFQ==": [ "aOUfuyvyyWEe7Z1IZT+fGw==" ], "/ub7EE8Da46T0x7lRdlVJg==": [ "z/beWyrkyrQJfgGCkMIsWg==", "T+jfDhqJcXwVQ38oWEz/6g==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "2gCbp4kt+cF44NF/LqukDg==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "6WyRl8U3PR6ipKlxqlBzFA==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "7mDaaxs3ev+uNEDYC97U3Q==": [ "1npmxgSnoYj2MyAhQMaE7g==" ], "7ra56f21gLrcSpBD8a9+NQ==": [ "BheYJlsY7UG2Ru8eF1IU4g==", "TccjTp2Y8sTyWrjrm24IKA==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "CpfomSYboaXPZ9yn9NgGgw==": [ "7aI+wyLEqkIPj2Wh4f1UKg==", "lppk3oI+Rm/KVCEYBGVKcg==" ], "FZ9gWulzkx76xjTSH/yM/g==": [ "L1pkWyFlg006sdV2pKTg4A==" ], "FrUQI+koTfbikRk1jsFd0w==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "IZ65O3ZOapykHwhaOX1/YA==": [ "hHDtCxiuvJ9VSCSwnEG0Fw==" ], "KXUGN6voGlWUMRN5TCFy4w==": [ "QSP4YGVknCXnnhDrDAxftg==", "DrIVK8+yvV91OzF2CS9o5A==", "QskDoDnTSvrQeDXklM4YOw==", "vQmd/px1n2vUjUceHOjVLA==" ], "M9YTWinowLqOqX/+8mbhjg==": [ "LeWRqc+lggRL8KnG53e6CA==", "g6ZHihkpvpkr3oZoVOs05w==", "bugTfOdgCaATW4vTnuXTSQ==", "HxI42iSjURjRki+uV6q/9w==" ], "O1acB+rpl9OLkk9I6phF7Q==": [ "WxO9le6q4ACTs4KnSuckDw==" ], "OCIjbR16ktOEiFK36r0WNw==": [ "LuirMfnv2JkWFEU8MUuKUQ==" ], "OaFmq38HlbKLTTEM/qATzg==": [ "rz/CPeG1fPitayrSa0BFxQ==", "l1pK1ezh6e0g8I+Dp2iK7w==", "6rEIsdyQtCC456AuGwgsDQ==", "8MfvwX+dRI6Qt2H+x71rZg==", "oqSc7q4k6wTno/u9knscCQ==", "zqGJegkbTlVqcHBa6HtRTQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "smB1yCGhBb8gDhPAER7odg==", "l6IrI73Pg+lrisEtcgX+0Q==", "YIlv6HIDfGqvZL/MDTWWpg==", "FQwXyPZ+oHyxQZ9RBQXbpw==", "X7DmUVoCri5i6vdYVBBgXg==", "a9FllBAJiFi5FeYl0KG4aQ==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ "ymKqobod4xPivmLT/iq9oQ==" ], "PIk2BBAWexCFofMi5q03RA==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "S8p9UGak1oycptcpYp/1eg==": [ "d/522T+B/ARMNSG+3QfAWA==" ], "SjQtW3gQmgt+Qj8JlnY4Mg==": [ "bgJs7DKkcMwNTsh9yTDgQg==", "uu3d3lIlYVCZwOjqoNec3g==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "WtG8AvirpmNJ8wVE+fxfGQ==": [ "FLpBF1y0CvCfFuXOmlaRZw==", "AwYRRq6SmgfJLn2NZxQUdw==", "qFIYjZJeFnLAVC7lR0n6oQ==", "RHShqbO2hqcBNPYbKDg/3A==", "8kndQj/aRn+NNJdGVP9v4g==", "DTApvRZh1HJD5XbbpU3ahw==", "jiVVTQmOtKqVixv7agF/Hg==", "u0cs09LPRVEEfen4PHM6gA==", "F4WBuBnk4OQIl1a5Q4CVPg==", "8ZCpE1M7eqNdy615aO2gLQ==", "mYgwcPpa/l0bTZdysqbplg==" ], "XJlS+gwEt7T+nNr/Bflqzg==": [ "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==" ], "XMkvB1ljVS0bNTUu2UEs3g==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "ZabCZVOpeuHGnRiGdzqBig==": [ "L1pkWyFlg006sdV2pKTg4A==" ], "ayTA+mXRKgSCRl5LaqP4/w==": [ "JqWXvYyB4T300h7KRcWtFA==", "klH60uFrR0WkawaSlcOEKg==", "VYGbkY0i6P3tRJd9mM1wNg==", "PrCrIesi0sSvMQjPpvxecw==", "Qbjoqw6Ot3cGOKNyQYBo4g==", "e0VfCD1REapdkagkByCnXQ==", "svCt47J2Zwa45xj8gn3U/w==", "ixc06f0H9vqMfsbwQSwwvA==", "yzZzF1vLZmeTiLJMgY7W0Q==", "NrTzMmbWyM5UeSvnQVNLOg==", "Eh3WlvVSpgyvj1kaA5So7g==" ], "eK3V3oi6vbIfOQRAcWBYDw==": [ "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==" ], "iVtx1BX52G3zRfk+g/oWIg==": [ "78ARTcr/iVbEbtXWNEyadA==", "7eKrcl3YwGJqhWmZNbH7Eg==", "KCgZ2MK707GRfjAO2Q3SOA==", "Q6o565VsHFcmyuOW6jCOGw==", "fFM0zIKtKuexRqlZMkzQpg==", "3bb0a18NQSPWO0aeq9twVw==", "WP0Zjo/ORuC7+jbSIrru8A==", "Argl342WI7oZtgSo+p9kMA==", "ncqqUTuMttuUZ8SF9/Ywrg==", "u90uEyQ6vxfKeIQvjGNTHQ==", "429KD7e1Cl6AyUZNBGOTQw==", "OB9n4NdBrq+3wlcM9+90Dg==", "JK4fCJz1Ja5lmfE/vF5PcQ==", "D7U85Qc3CYAscEzhSfT76A==", "e/EuZlSZUQTHCSl8kHuFag==", "+U7CyAHaY71mhNm2Xnq2uw==", "y7I268PAr74OoToX85XE8w==", "bjyLMZdYnkrpUxDySiQ34Q==", "4u3exWl+MPcCOYOgbQLM+A==", "ixD2h349uZz3eCy55KxIlw==", "j/vFtwZCr4ow5q2VPKgR9g==", "/jvSCV2RwJ6c/Llx9z8uvA==", "Jrkns8qeStFRPhcitcuZ4w==", "yUucg71orzE08FiDgaKBPQ==", "GWKQvGJTKzyU9GiQECoFhg==", "5amguv6OT1njd8r+RXMCQQ==", "2TDjlt2gAEWsLyBBPigFYw==", "WVv0x6iWhzRgZZTPZ190Ng==", "M293c+QguJ/aaYP3cMwfyQ==", "Ie7rkr8oApZOM9PK2gFB6A==", "0E1VjQWdmolR9lr9ElIZZQ==", "6hAQW3vY9ZA/8datv1rY4g==", "TwoNniaY2Urt7TF64epJXg==", "mZCCwO//htsOIXazj/SeOw==", "YtNpM5pykErH+UBXZABWdg==", "5BksN0izCeDRrtFMsNCyvg==" ], "izPQpATHYfezyT+kcua/tQ==": [ "1/8/Mjb4nleg0SsOivHAww==", "XdzUGUJMTsfPfs79OXKU4Q==", "y/3qWQj3xOUQpm2CUr+ftg==", "f6oGdnhZomBa/bs3snB3kA==" ], "kAEPeyZOK/FwFoG6mOFUbQ==": [ "VzbOWZs6Sa8zFH+GQEnasQ==" ], "lad8JH31WlI0MsNEYhUWlA==": [ "Iy2V+5RC7ENxxmnS9KdBOw==", "SYSyRuW2vXdWcXLSfRP1aQ==", "1hhG+RKT0fsxlS/Wf/LWEA==", "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==", "IrRjtVOpf04EO7iAKFAznQ==", "sJNoOKrtqJYf9M2tWcTlqg==", "+UOyQgpOAnrWS+mVMK5k1Q==" ], "mDM1q1sl0PqUWEn54kTSRw==": [ "N7otM4CJgwQwy0Mz0UA3Vw==", "Lhc4n2a9ma6eRDB/RCRmLQ==", "6rEIsdyQtCC456AuGwgsDQ==", "8MfvwX+dRI6Qt2H+x71rZg==", "oqSc7q4k6wTno/u9knscCQ==", "zqGJegkbTlVqcHBa6HtRTQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "smB1yCGhBb8gDhPAER7odg==", "l6IrI73Pg+lrisEtcgX+0Q==", "YIlv6HIDfGqvZL/MDTWWpg==", "FQwXyPZ+oHyxQZ9RBQXbpw==", "X7DmUVoCri5i6vdYVBBgXg==", "a9FllBAJiFi5FeYl0KG4aQ==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "nzQEyt4JfkGeZIIHPiBhog==": [ "zmNQpHydwXFAJmLcFFYiyQ==", "bOC69k4Gpn8Av1w/ra2Tdw==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "nzlusFbkan5h1d1Ks+BKBQ==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "rY/kE/V4JnxYoqV+lmc9mg==": [ "DDxCHnX+kCqcRQj9b90/cg==" ], "v3i4ez5juML2ZWwR+6dFFg==": [ "PUCpgzV2LGcCb5yPJbawGw==", "AUiFITCnRjRxctzqqbDeeA==", "9iigvnuYDaC8UzcOIDLjIQ==", "iF/o4aDbQf1DAw7R+LiVQw==", "GAn7gWUe2pFr7PbwechqxA==", "76z9Mpn8Jp7lhZSPsHTHug==" ], "wfJGCqOH8d+IYg/dAepx1A==": [ "vtpIIEEoAREfzDi0+K26Fg==", "eUh0vSDVmqXTnsB7jL0b4g==", "znnZtQrOfSxqGV/OZKzI5g==", "uaetuJImncB6wudykQLpEA==", "VWEbeFnFOHy1IkG21b5a5g==", "xxrOMZzPk7ETmnvrIjBo0A==", "mJw+LvAbCoVMIOZXCXNFpg==", "76mWuVYhbmIFsc4DNorK9A==", "lQBARBTddFvexevUD04GZA==", "sykv+pGN4TXggZNIwL/H4g==", "Kqq2xlybjD/tOLmQWu2xPw==", "Ez8lHT2uV9Tf9vJC/T4WXg==", "YX2rGofSXHBcNhTOGpNkAA==", "LxYgcRll4fEnbCHHZWt4BA==", "KMGV9rbVZ/vVUNSX6f+JqA==" ] }, "enrichments": {} } pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 4, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libnghttp2-1.43.0-6.el9 (CVE-2026-27135), libarchive-3.5.3-6.el9_6 (CVE-2026-4111, CVE-2026-4424), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-15467), sqlite-libs-3.34.1-8.el9_6 (CVE-2025-6965), gnupg2-2.3.3-4.el9 (CVE-2025-68973)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 6 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libcap-2.48-9.el9_2 (CVE-2026-4878), krb5-libs-1.21.1-8.el9_6 (CVE-2026-40356)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 2 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libmount-2.37.4-21.el9 (CVE-2025-14104), libuuid-2.37.4-21.el9 (CVE-2025-14104), systemd-libs-252-51.el9_6.2 (CVE-2025-4598), libblkid-2.37.4-21.el9 (CVE-2025-14104), glib2-2.68.4-16.el9_6.2 (CVE-2025-13601), libarchive-3.5.3-6.el9_6 (CVE-2026-5121), libsmartcols-2.37.4-21.el9 (CVE-2025-14104), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2025-9086), libxml2-2.9.13-12.el9_6 (CVE-2025-9714), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-11187, CVE-2025-69419, CVE-2025-9230), gnutls-3.8.3-6.el9_6.2 (CVE-2025-14831), glibc-2.34-168.el9_6.23 (CVE-2026-0915), curl-minimal-7.76.1-31.el9_6.1 (CVE-2025-9086)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 15 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: glibc-minimal-langpack-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), libmount-2.37.4-21.el9 (CVE-2026-27456), libuuid-2.37.4-21.el9 (CVE-2026-27456), coreutils-single-8.32-39.el9 (CVE-2025-5278), systemd-libs-252-51.el9_6.2 (CVE-2026-29111, CVE-2026-4105), libblkid-2.37.4-21.el9 (CVE-2026-27456), glib2-2.68.4-16.el9_6.2 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), libarchive-3.5.3-6.el9_6 (CVE-2023-30571, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), libsmartcols-2.37.4-21.el9 (CVE-2026-27456), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), libxml2-2.9.13-12.el9_6 (CVE-2026-0990, CVE-2026-1757, CVE-2026-6732), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2026-28386, CVE-2026-28390, CVE-2026-31790), openldap-2.6.8-4.el9 (CVE-2026-22185), gnupg2-2.3.3-4.el9 (CVE-2025-68972), glibc-common-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), glibc-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), xz-libs-5.2.5-8.el9_0 (CVE-2026-34743), krb5-libs-1.21.1-8.el9_6 (CVE-2026-40355), curl-minimal-7.76.1-31.el9_6.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 52 } }, { "msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796), gnutls-3.8.3-6.el9_6.2 (CVE-2025-9820), shadow-utils-2:4.9-12.el9 (CVE-2024-56433), glibc-2.34-168.el9_6.23 (CVE-2025-15281, CVE-2026-0861)", "name": "clair_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 13 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libstdc++-11.5.0-5.el9_5 (CVE-2022-27943), zlib-1.2.11-40.el9 (CVE-2026-27171), glibc-minimal-langpack-2.34-168.el9_6.23 (CVE-2026-4438), libgcc-11.5.0-5.el9_5 (CVE-2022-27943), gawk-5.1.0-6.el9 (CVE-2023-4156), libtasn1-4.16.0-9.el9 (CVE-2025-13151), pcre2-syntax-10.40-6.el9 (CVE-2022-41409), pcre2-10.40-6.el9 (CVE-2022-41409), glib2-2.68.4-16.el9_6.2 (CVE-2023-32636, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), libgcrypt-1.10.0-11.el9 (CVE-2026-41990), libarchive-3.5.3-6.el9_6 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224), libxml2-2.9.13-12.el9_6 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), openssl-fips-provider-so-3.0.7-6.el9_5 (CVE-2026-2673), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232, CVE-2026-2673, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), sqlite-libs-3.34.1-8.el9_6 (CVE-2024-0232, CVE-2025-70873), gnupg2-2.3.3-4.el9 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), ncurses-base-6.2-10.20210508.el9_6.2 (CVE-2023-50495), glibc-common-2.34-168.el9_6.23 (CVE-2026-4438), glibc-2.34-168.el9_6.23 (CVE-2026-4438), ncurses-libs-6.2-10.20210508.el9_6.2 (CVE-2023-50495), openssl-fips-provider-3.0.7-6.el9_5 (CVE-2026-2673), curl-minimal-7.76.1-31.el9_6.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 55 } } ] } ] {"vulnerabilities":{"critical":0,"high":6,"medium":15,"low":13,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":2,"medium":52,"low":55,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry:6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f", "digests": ["sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589"]}} {"result":"SUCCESS","timestamp":"2026-04-29T11:36:02+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gh-multi-component-parent-qdry-on-push-2b46z-init-pod | init container: prepare 2026/04/29 11:20:29 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-init-pod | container step-init: time="2026-04-29T11:21:27Z" level=info msg="[param] enable: false" time="2026-04-29T11:21:27Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:21:27Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:21:27Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:21:27Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:21:27Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:21:27Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:21:27Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:21:27Z" level=info msg="[result] NO PROXY: " pod: gh-multi-component-parent-qdry-on-push-45lcb-init-pod | init container: prepare 2026/04/29 11:44:56 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-45lcb-init-pod | container step-init: time="2026-04-29T11:45:00Z" level=info msg="[param] enable: false" time="2026-04-29T11:45:00Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:45:00Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:45:00Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:45:00Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:45:00Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:45:00Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:45:00Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:45:00Z" level=info msg="[result] NO PROXY: " [FAILED] in [It] - /workspace/source/test/e2e/renovate.go:403 @ 04/29/26 11:46:48.363 << Timeline [FAILED] Expected success, but got an error: <*errors.errorString | 0xc000986ce0>: pod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | init container: prepare 2026/04/29 11:06:16 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | container step-init: time="2026-04-29T11:06:19Z" level=info msg="[param] enable: false" time="2026-04-29T11:06:19Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:06:19Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:06:19Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:06:19Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:06:19Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:06:19Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:06:19Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:06:19Z" level=info msg="[result] NO PROXY: " pod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | init container: prepare 2026/04/29 11:33:39 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | container step-apply-additional-tags: time="2026-04-29T11:34:21Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry:6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f" time="2026-04-29T11:34:21Z" level=info msg="[param] digest: sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589" time="2026-04-29T11:34:21Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-29T11:34:22Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: prepare 2026/04/29 11:32:59 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: place-scripts 2026/04/29 11:33:14 Decoded script /tekton/scripts/script-0-8pcw5 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-1-k99l2 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-2-ghmvw 2026/04/29 11:33:15 Decoded script /tekton/scripts/script-3-jvvln pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589. pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... 2026-04-29T11:34:39Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"}] 2026-04-29T11:34:39Z INF libvuln initialized component=libvuln/New 2026-04-29T11:34:41Z INF registered configured scanners component=libindex/New 2026-04-29T11:34:41Z INF NewLayerScanner: constructing a new layer-scanner component=indexer.NewLayerScanner 2026-04-29T11:34:41Z INF index request start component=libindex/Libindex.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 2026-04-29T11:34:41Z INF starting scan component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 2026-04-29T11:34:41Z INF manifest to be scanned component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=CheckManifest 2026-04-29T11:34:41Z INF layers fetch start component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers fetch success component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers fetch done component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=FetchLayers 2026-04-29T11:34:41Z INF layers scan start component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=ScanLayers 2026-04-29T11:34:42Z INF layers scan done component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=ScanLayers 2026-04-29T11:34:42Z INF starting index manifest component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexManifest 2026-04-29T11:34:42Z INF finishing scan component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexFinished 2026-04-29T11:34:42Z INF manifest successfully scanned component=indexer/controller/Controller.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 state=IndexFinished 2026-04-29T11:34:42Z INF index request done component=libindex/Libindex.Index manifest=sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 { "manifest_hash": "sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589", "packages": { "+A7/nzEXX3Q/xJZ50VMnlQ==": { "id": "+A7/nzEXX3Q/xJZ50VMnlQ==", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+X1MdmtPTbyDb/wq7joJhA==": { "id": "+X1MdmtPTbyDb/wq7joJhA==", "name": "libtool-ltdl", "version": "2.4.6-46.el9", "kind": "binary", "source": { "id": "", "name": "libtool", "version": "2.4.6-46.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+bwl6UbMaWOBWdHNekJsEw==": { "id": "+bwl6UbMaWOBWdHNekJsEw==", "name": "coreutils-single", "version": "8.32-39.el9", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.32-39.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/L1kFEoHZTukrNTCQLypFQ==": { "id": "/L1kFEoHZTukrNTCQLypFQ==", "name": "xz-libs", "version": "5.2.5-8.el9_0", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.5-8.el9_0", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/O7rOBo1qRMFm3q3Kf3mEw==": { "id": "/O7rOBo1qRMFm3q3Kf3mEw==", "name": "libselinux", "version": "3.6-3.el9", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "3.6-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/h/TBQhfoSMCmey5oN87jA==": { "id": "/h/TBQhfoSMCmey5oN87jA==", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/ub7EE8Da46T0x7lRdlVJg==": { "id": "/ub7EE8Da46T0x7lRdlVJg==", "name": "libsmartcols", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0T19Aon0dgLleTpQjLWzKw==": { "id": "0T19Aon0dgLleTpQjLWzKw==", "name": "crypto-policies", "version": "20250128-1.git5269e22.el9", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20250128-1.git5269e22.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "1atoBfoH0mJ0bCpetQ7/0g==": { "id": "1atoBfoH0mJ0bCpetQ7/0g==", "name": "file-libs", "version": "5.39-16.el9", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.39-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "2gCbp4kt+cF44NF/LqukDg==": { "id": "2gCbp4kt+cF44NF/LqukDg==", "name": "pcre2-syntax", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "5+tHFkkNi+1rUDSrmgYdkw==": { "id": "5+tHFkkNi+1rUDSrmgYdkw==", "name": "p11-kit-trust", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5fhQlRzIg/IB8EVM2pFIZA==": { "id": "5fhQlRzIg/IB8EVM2pFIZA==", "name": "audit-libs", "version": "3.1.5-4.el9", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.1.5-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6WyRl8U3PR6ipKlxqlBzFA==": { "id": "6WyRl8U3PR6ipKlxqlBzFA==", "name": "ncurses-base", "version": "6.2-10.20210508.el9_6.2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-10.20210508.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "7cpIREEQnkaI7dbmWgmrvg==": { "id": "7cpIREEQnkaI7dbmWgmrvg==", "name": "gdbm-libs", "version": "1:1.23-1.el9", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.23-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7mDaaxs3ev+uNEDYC97U3Q==": { "id": "7mDaaxs3ev+uNEDYC97U3Q==", "name": "zlib", "version": "1.2.11-40.el9", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-40.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7ra56f21gLrcSpBD8a9+NQ==": { "id": "7ra56f21gLrcSpBD8a9+NQ==", "name": "libmount", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7vssDPaHKfFKMLimKBo7Gw==": { "id": "7vssDPaHKfFKMLimKBo7Gw==", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "binary", "source": { "id": "", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "8uME+PFu6p/OAD7q+ZTVLw==": { "id": "8uME+PFu6p/OAD7q+ZTVLw==", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9olIUlLHZMdoUMju+8diyQ==": { "id": "9olIUlLHZMdoUMju+8diyQ==", "name": "filesystem", "version": "3.16-5.el9", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.16-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BQhiFmX4hLYteW4oRCLTSA==": { "id": "BQhiFmX4hLYteW4oRCLTSA==", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BRLVvSCW1qZQlEQR2x48fQ==": { "id": "BRLVvSCW1qZQlEQR2x48fQ==", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "CpfomSYboaXPZ9yn9NgGgw==": { "id": "CpfomSYboaXPZ9yn9NgGgw==", "name": "krb5-libs", "version": "1.21.1-8.el9_6", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.21.1-8.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DrLq8qfU1bfE8o8AfdvkrQ==": { "id": "DrLq8qfU1bfE8o8AfdvkrQ==", "name": "libverto", "version": "0.3.2-3.el9", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.2-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FZ9gWulzkx76xjTSH/yM/g==": { "id": "FZ9gWulzkx76xjTSH/yM/g==", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FrUQI+koTfbikRk1jsFd0w==": { "id": "FrUQI+koTfbikRk1jsFd0w==", "name": "libstdc++", "version": "11.5.0-5.el9_5", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-5.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "G61ZL2SOHR2qgvQfi118gw==": { "id": "G61ZL2SOHR2qgvQfi118gw==", "name": "dejavu-sans-fonts", "version": "2.37-18.el9", "kind": "binary", "source": { "id": "", "name": "dejavu-fonts", "version": "2.37-18.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "HQdWvmyUSqtI3UTY0T4JiQ==": { "id": "HQdWvmyUSqtI3UTY0T4JiQ==", "name": "pcre", "version": "8.44-4.el9", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.44-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "I16VSEydeiRYB1TSf5694A==": { "id": "I16VSEydeiRYB1TSf5694A==", "name": "libreport-filesystem", "version": "2.15.2-6.el9", "kind": "binary", "source": { "id": "", "name": "libreport", "version": "2.15.2-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "IZ65O3ZOapykHwhaOX1/YA==": { "id": "IZ65O3ZOapykHwhaOX1/YA==", "name": "libnghttp2", "version": "1.43.0-6.el9", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.43.0-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JKP7JzVg7UGaAz4VrH03lQ==": { "id": "JKP7JzVg7UGaAz4VrH03lQ==", "name": "langpacks-core-font-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "KF5C+zKu/uFB7knCqOvDAQ==": { "id": "KF5C+zKu/uFB7knCqOvDAQ==", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "KXUGN6voGlWUMRN5TCFy4w==": { "id": "KXUGN6voGlWUMRN5TCFy4w==", "name": "systemd-libs", "version": "252-51.el9_6.2", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "252-51.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Lwqn0aweLQLZmo12VvYcog==": { "id": "Lwqn0aweLQLZmo12VvYcog==", "name": "popt", "version": "1.18-8.el9", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "M9YTWinowLqOqX/+8mbhjg==": { "id": "M9YTWinowLqOqX/+8mbhjg==", "name": "sqlite-libs", "version": "3.34.1-8.el9_6", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.34.1-8.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "MDH8Zt4oQWDiYk9qFV5Lbg==": { "id": "MDH8Zt4oQWDiYk9qFV5Lbg==", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NdCY2/S+syamLH224R4hug==": { "id": "NdCY2/S+syamLH224R4hug==", "name": "langpacks-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "O1acB+rpl9OLkk9I6phF7Q==": { "id": "O1acB+rpl9OLkk9I6phF7Q==", "name": "shadow-utils", "version": "2:4.9-12.el9", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.9-12.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OCIjbR16ktOEiFK36r0WNw==": { "id": "OCIjbR16ktOEiFK36r0WNw==", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OaFmq38HlbKLTTEM/qATzg==": { "id": "OaFmq38HlbKLTTEM/qATzg==", "name": "libcurl-minimal", "version": "7.76.1-31.el9_6.1", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-31.el9_6.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OgwdUybWl/HQYbnPTE4Psw==": { "id": "OgwdUybWl/HQYbnPTE4Psw==", "name": "npth", "version": "1.6-8.el9", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.6-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Ohssf0Jzlafd9vtrrUKCXg==": { "id": "Ohssf0Jzlafd9vtrrUKCXg==", "name": "bash", "version": "5.1.8-9.el9", "kind": "binary", "source": { "id": "", "name": "bash", "version": "5.1.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Om9zCJ/QZ+hnrEvj6fGw==": { "id": "P5Om9zCJ/QZ+hnrEvj6fGw==", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PIk2BBAWexCFofMi5q03RA==": { "id": "PIk2BBAWexCFofMi5q03RA==", "name": "pcre2", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PZXvGa4khHd2n6o73hJ/Pg==": { "id": "PZXvGa4khHd2n6o73hJ/Pg==", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "binary", "source": { "id": "", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RXh3fimX8fGZeCt4chJEiA==": { "id": "RXh3fimX8fGZeCt4chJEiA==", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "S8p9UGak1oycptcpYp/1eg==": { "id": "S8p9UGak1oycptcpYp/1eg==", "name": "openldap", "version": "2.6.8-4.el9", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.6.8-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "SjQtW3gQmgt+Qj8JlnY4Mg==": { "id": "SjQtW3gQmgt+Qj8JlnY4Mg==", "name": "libblkid", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Su8bfW9ijc0V5CiAum2V1g==": { "id": "Su8bfW9ijc0V5CiAum2V1g==", "name": "bzip2-libs", "version": "1.0.8-10.el9_5", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.8-10.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TPIRq84Pr3a6ywzPeCr3Pw==": { "id": "TPIRq84Pr3a6ywzPeCr3Pw==", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "To0NR+oyXDu1CYJfmVGurQ==": { "id": "To0NR+oyXDu1CYJfmVGurQ==", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VV2Z1ngTs6sGvt5SrayPCg==": { "id": "VV2Z1ngTs6sGvt5SrayPCg==", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VX9V+Y680L2xf2tBREdpCw==": { "id": "VX9V+Y680L2xf2tBREdpCw==", "name": "gmp", "version": "1:6.2.0-13.el9", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.2.0-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "WtG8AvirpmNJ8wVE+fxfGQ==": { "id": "WtG8AvirpmNJ8wVE+fxfGQ==", "name": "libxml2", "version": "2.9.13-12.el9_6", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.13-12.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XG5+bW8np2NedSy/od6z8Q==": { "id": "XG5+bW8np2NedSy/od6z8Q==", "name": "libacl", "version": "2.3.1-4.el9", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.3.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XJlS+gwEt7T+nNr/Bflqzg==": { "id": "XJlS+gwEt7T+nNr/Bflqzg==", "name": "glibc-minimal-langpack", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XMkvB1ljVS0bNTUu2UEs3g==": { "id": "XMkvB1ljVS0bNTUu2UEs3g==", "name": "libgcc", "version": "11.5.0-5.el9_5", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-5.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XwbkaIGCYyq6BjBMVZ1wzw==": { "id": "XwbkaIGCYyq6BjBMVZ1wzw==", "name": "readline", "version": "8.1-4.el9", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ZabCZVOpeuHGnRiGdzqBig==": { "id": "ZabCZVOpeuHGnRiGdzqBig==", "name": "openssl-fips-provider-so", "version": "3.0.7-6.el9_5", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-6.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "arLt5War9yeQ8auYn/Idmw==": { "id": "arLt5War9yeQ8auYn/Idmw==", "name": "nettle", "version": "3.10.1-1.el9", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.10.1-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ayTA+mXRKgSCRl5LaqP4/w==": { "id": "ayTA+mXRKgSCRl5LaqP4/w==", "name": "glib2", "version": "2.68.4-16.el9_6.2", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.68.4-16.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bFvWffGqJWr7FWnI7K9NVw==": { "id": "bFvWffGqJWr7FWnI7K9NVw==", "name": "grep", "version": "3.6-5.el9", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.6-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bemGVBhbDe9iV1Kjvd9hAA==": { "id": "bemGVBhbDe9iV1Kjvd9hAA==", "name": "libffi", "version": "3.4.2-8.el9", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.4.2-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bgzKs6bbeWeXxcqE+n7Jog==": { "id": "bgzKs6bbeWeXxcqE+n7Jog==", "name": "libsepol", "version": "3.6-2.el9", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "3.6-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dC9CoYt17eaqinGSVCfCxw==": { "id": "dC9CoYt17eaqinGSVCfCxw==", "name": "libattr", "version": "2.5.1-3.el9", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.5.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "de44cUqF23LvU0fOSvNRjA==": { "id": "de44cUqF23LvU0fOSvNRjA==", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "binary", "source": { "id": "", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dpQG/pUwAqVv1OdQqnvylQ==": { "id": "dpQG/pUwAqVv1OdQqnvylQ==", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eK3V3oi6vbIfOQRAcWBYDw==": { "id": "eK3V3oi6vbIfOQRAcWBYDw==", "name": "glibc-common", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eRa7MZyiHBvsv7GPhkGKdg==": { "id": "eRa7MZyiHBvsv7GPhkGKdg==", "name": "lua-libs", "version": "5.4.4-4.el9", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.4.4-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eaygsCP+5IpdIryvw94Tcw==": { "id": "eaygsCP+5IpdIryvw94Tcw==", "name": "rootfiles", "version": "8.1-34.el9", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-34.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f8lJd/yoDqE6O0RUQGqkpQ==": { "id": "f8lJd/yoDqE6O0RUQGqkpQ==", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gsKPriszRNKAqMnHK+dXgw==": { "id": "gsKPriszRNKAqMnHK+dXgw==", "name": "libksba", "version": "1.5.1-7.el9", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.5.1-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hYEisV19Dxn4PvCvxJFm5A==": { "id": "hYEisV19Dxn4PvCvxJFm5A==", "name": "lz4-libs", "version": "1.9.3-5.el9", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.9.3-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iTD/lpKAM3AZEWh+zVx2tg==": { "id": "iTD/lpKAM3AZEWh+zVx2tg==", "name": "librepo", "version": "1.14.5-2.el9", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.5-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iVtx1BX52G3zRfk+g/oWIg==": { "id": "iVtx1BX52G3zRfk+g/oWIg==", "name": "openssl-libs", "version": "1:3.2.2-6.el9_5.1", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "3.2.2-6.el9_5.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "iaJm7Mdk9UadnBII0ZwMeA==": { "id": "iaJm7Mdk9UadnBII0ZwMeA==", "name": "dnf-data", "version": "4.14.0-25.el9", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.14.0-25.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "izPQpATHYfezyT+kcua/tQ==": { "id": "izPQpATHYfezyT+kcua/tQ==", "name": "gnutls", "version": "3.8.3-6.el9_6.2", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.8.3-6.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jAjaNW7NMGiv7HfByDu4RQ==": { "id": "jAjaNW7NMGiv7HfByDu4RQ==", "name": "alternatives", "version": "1.24-2.el9", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.24-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kAEPeyZOK/FwFoG6mOFUbQ==": { "id": "kAEPeyZOK/FwFoG6mOFUbQ==", "name": "libcap", "version": "2.48-9.el9_2", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-9.el9_2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kFxhSjWy84mTZBM4XiZaeQ==": { "id": "kFxhSjWy84mTZBM4XiZaeQ==", "name": "setup", "version": "2.13.7-10.el9", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.13.7-10.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kgbITSeRtKiT7enG8buGXw==": { "id": "kgbITSeRtKiT7enG8buGXw==", "name": "libcom_err", "version": "1.46.5-7.el9", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kigiD4fuysu8/DeCr+ONKQ==": { "id": "kigiD4fuysu8/DeCr+ONKQ==", "name": "basesystem", "version": "11-13.el9", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kp6BaioAZ30jbVeZkkzokA==": { "id": "kp6BaioAZ30jbVeZkkzokA==", "name": "libzstd", "version": "1.5.5-1.el9", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.5.5-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kvpHJLhsWpgEBJjx168pDg==": { "id": "kvpHJLhsWpgEBJjx168pDg==", "name": "tzdata", "version": "2025b-1.el9", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2025b-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "lI6hCbIwETVhCFhL4BxyiQ==": { "id": "lI6hCbIwETVhCFhL4BxyiQ==", "name": "libdnf", "version": "0.69.0-13.el9", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.69.0-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lad8JH31WlI0MsNEYhUWlA==": { "id": "lad8JH31WlI0MsNEYhUWlA==", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-168.el9_6.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mDM1q1sl0PqUWEn54kTSRw==": { "id": "mDM1q1sl0PqUWEn54kTSRw==", "name": "curl-minimal", "version": "7.76.1-31.el9_6.1", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-31.el9_6.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mK/FUfODp3MR7WS2xegPsw==": { "id": "mK/FUfODp3MR7WS2xegPsw==", "name": "langpacks-core-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "mPqGnMbiXN6jP61aGbHvOA==": { "id": "mPqGnMbiXN6jP61aGbHvOA==", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nzQEyt4JfkGeZIIHPiBhog==": { "id": "nzQEyt4JfkGeZIIHPiBhog==", "name": "libuuid", "version": "2.37.4-21.el9", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nzlusFbkan5h1d1Ks+BKBQ==": { "id": "nzlusFbkan5h1d1Ks+BKBQ==", "name": "ncurses-libs", "version": "6.2-10.20210508.el9_6.2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-10.20210508.el9_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pYM7mYzFYUjRrK74RyhfOw==": { "id": "pYM7mYzFYUjRrK74RyhfOw==", "name": "redhat-release", "version": "9.6-0.1.el9", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "9.6-0.1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "qYSZ6aKFWol313IOGRXaug==": { "id": "qYSZ6aKFWol313IOGRXaug==", "name": "json-c", "version": "0.14-11.el9", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.14-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rCLp3m64Catai9VuHvh3Lw==": { "id": "rCLp3m64Catai9VuHvh3Lw==", "name": "keyutils-libs", "version": "1.6.3-1.el9", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.6.3-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rY/kE/V4JnxYoqV+lmc9mg==": { "id": "rY/kE/V4JnxYoqV+lmc9mg==", "name": "gawk", "version": "5.1.0-6.el9", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "5.1.0-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rlHYqOr0lkUB/Gs6b1kD2g==": { "id": "rlHYqOr0lkUB/Gs6b1kD2g==", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ssPaV1VLDu6d5ZJ6Rrmh3A==": { "id": "ssPaV1VLDu6d5ZJ6Rrmh3A==", "name": "sed", "version": "4.8-9.el9", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sx0C6L5COHIkv6yQQyPlbw==": { "id": "sx0C6L5COHIkv6yQQyPlbw==", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u5TyEoU5GA6Z2czzwhMLiA==": { "id": "u5TyEoU5GA6Z2czzwhMLiA==", "name": "fonts-filesystem", "version": "1:2.0.5-7.el9.1", "kind": "binary", "source": { "id": "", "name": "fonts-rpm-macros", "version": "2.0.5-7.el9.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "v3i4ez5juML2ZWwR+6dFFg==": { "id": "v3i4ez5juML2ZWwR+6dFFg==", "name": "gnupg2", "version": "2.3.3-4.el9", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.3.3-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "wCA3gMNtInqX1xg18QcnQg==": { "id": "wCA3gMNtInqX1xg18QcnQg==", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wfJGCqOH8d+IYg/dAepx1A==": { "id": "wfJGCqOH8d+IYg/dAepx1A==", "name": "libarchive", "version": "3.5.3-6.el9_6", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.5.3-6.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "x4oijVhQU8BUwJwoFvk4QA==": { "id": "x4oijVhQU8BUwJwoFvk4QA==", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xSopjH0yPtbnx33MBmtmuA==": { "id": "xSopjH0yPtbnx33MBmtmuA==", "name": "rpm-libs", "version": "4.16.1.3-37.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xhMgwxa+ubXlCA6s9XfRgw==": { "id": "xhMgwxa+ubXlCA6s9XfRgw==", "name": "cyrus-sasl-lib", "version": "2.1.27-21.el9", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-21.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yEp9fQVFIQAEDPCwC3GLmA==": { "id": "yEp9fQVFIQAEDPCwC3GLmA==", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zPvTALB8qlNtHa1j2iT5Zg==": { "id": "zPvTALB8qlNtHa1j2iT5Zg==", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-37.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "a1752d98-cb05-46e0-851e-94da612c34c2": { "id": "a1752d98-cb05-46e0-851e-94da612c34c2", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "9", "version_code_name": "", "version_id": "9", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 9" } }, "repository": { "70dd5db6-1003-4918-9d8a-ec0132a674d1": { "id": "70dd5db6-1003-4918-9d8a-ec0132a674d1", "name": "cpe:/a:redhat:enterprise_linux:9::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "8b5329d2-a935-4bac-a139-24b7beeac3ed": { "id": "8b5329d2-a935-4bac-a139-24b7beeac3ed", "name": "cpe:/o:redhat:enterprise_linux:9::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" } }, "environments": { "+A7/nzEXX3Q/xJZ50VMnlQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "+X1MdmtPTbyDb/wq7joJhA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "+bwl6UbMaWOBWdHNekJsEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/L1kFEoHZTukrNTCQLypFQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/O7rOBo1qRMFm3q3Kf3mEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/h/TBQhfoSMCmey5oN87jA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "/ub7EE8Da46T0x7lRdlVJg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "0T19Aon0dgLleTpQjLWzKw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "1atoBfoH0mJ0bCpetQ7/0g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "2gCbp4kt+cF44NF/LqukDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "5+tHFkkNi+1rUDSrmgYdkw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "5fhQlRzIg/IB8EVM2pFIZA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "6WyRl8U3PR6ipKlxqlBzFA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7cpIREEQnkaI7dbmWgmrvg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7mDaaxs3ev+uNEDYC97U3Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7ra56f21gLrcSpBD8a9+NQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "7vssDPaHKfFKMLimKBo7Gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "8uME+PFu6p/OAD7q+ZTVLw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "9olIUlLHZMdoUMju+8diyQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "BQhiFmX4hLYteW4oRCLTSA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "BRLVvSCW1qZQlEQR2x48fQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "CpfomSYboaXPZ9yn9NgGgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "DrLq8qfU1bfE8o8AfdvkrQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "FZ9gWulzkx76xjTSH/yM/g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "FrUQI+koTfbikRk1jsFd0w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "G61ZL2SOHR2qgvQfi118gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "HQdWvmyUSqtI3UTY0T4JiQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "I16VSEydeiRYB1TSf5694A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "IZ65O3ZOapykHwhaOX1/YA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "JKP7JzVg7UGaAz4VrH03lQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "KF5C+zKu/uFB7knCqOvDAQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "KXUGN6voGlWUMRN5TCFy4w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Lwqn0aweLQLZmo12VvYcog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "M9YTWinowLqOqX/+8mbhjg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "MDH8Zt4oQWDiYk9qFV5Lbg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "NdCY2/S+syamLH224R4hug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "O1acB+rpl9OLkk9I6phF7Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OCIjbR16ktOEiFK36r0WNw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OaFmq38HlbKLTTEM/qATzg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "OgwdUybWl/HQYbnPTE4Psw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Ohssf0Jzlafd9vtrrUKCXg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "PIk2BBAWexCFofMi5q03RA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "PZXvGa4khHd2n6o73hJ/Pg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "RXh3fimX8fGZeCt4chJEiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "S8p9UGak1oycptcpYp/1eg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "SjQtW3gQmgt+Qj8JlnY4Mg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "Su8bfW9ijc0V5CiAum2V1g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "TPIRq84Pr3a6ywzPeCr3Pw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "To0NR+oyXDu1CYJfmVGurQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "VV2Z1ngTs6sGvt5SrayPCg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "VX9V+Y680L2xf2tBREdpCw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "WtG8AvirpmNJ8wVE+fxfGQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XG5+bW8np2NedSy/od6z8Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XJlS+gwEt7T+nNr/Bflqzg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XMkvB1ljVS0bNTUu2UEs3g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "XwbkaIGCYyq6BjBMVZ1wzw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ZabCZVOpeuHGnRiGdzqBig==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "arLt5War9yeQ8auYn/Idmw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ayTA+mXRKgSCRl5LaqP4/w==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bFvWffGqJWr7FWnI7K9NVw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bemGVBhbDe9iV1Kjvd9hAA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "bgzKs6bbeWeXxcqE+n7Jog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "dC9CoYt17eaqinGSVCfCxw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "de44cUqF23LvU0fOSvNRjA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "dpQG/pUwAqVv1OdQqnvylQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eK3V3oi6vbIfOQRAcWBYDw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eRa7MZyiHBvsv7GPhkGKdg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "eaygsCP+5IpdIryvw94Tcw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "f8lJd/yoDqE6O0RUQGqkpQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "gsKPriszRNKAqMnHK+dXgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "hYEisV19Dxn4PvCvxJFm5A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iTD/lpKAM3AZEWh+zVx2tg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iVtx1BX52G3zRfk+g/oWIg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "iaJm7Mdk9UadnBII0ZwMeA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "izPQpATHYfezyT+kcua/tQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "jAjaNW7NMGiv7HfByDu4RQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kAEPeyZOK/FwFoG6mOFUbQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kFxhSjWy84mTZBM4XiZaeQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kgbITSeRtKiT7enG8buGXw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kigiD4fuysu8/DeCr+ONKQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kp6BaioAZ30jbVeZkkzokA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "kvpHJLhsWpgEBJjx168pDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "lI6hCbIwETVhCFhL4BxyiQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "lad8JH31WlI0MsNEYhUWlA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mDM1q1sl0PqUWEn54kTSRw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mK/FUfODp3MR7WS2xegPsw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "mPqGnMbiXN6jP61aGbHvOA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "nzQEyt4JfkGeZIIHPiBhog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "nzlusFbkan5h1d1Ks+BKBQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "pYM7mYzFYUjRrK74RyhfOw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "qYSZ6aKFWol313IOGRXaug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rCLp3m64Catai9VuHvh3Lw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rY/kE/V4JnxYoqV+lmc9mg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "rlHYqOr0lkUB/Gs6b1kD2g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "ssPaV1VLDu6d5ZJ6Rrmh3A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "sx0C6L5COHIkv6yQQyPlbw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "u5TyEoU5GA6Z2czzwhMLiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "v3i4ez5juML2ZWwR+6dFFg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "wCA3gMNtInqX1xg18QcnQg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "wfJGCqOH8d+IYg/dAepx1A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "x4oijVhQU8BUwJwoFvk4QA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "xSopjH0yPtbnx33MBmtmuA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "xhMgwxa+ubXlCA6s9XfRgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "yEp9fQVFIQAEDPCwC3GLmA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ], "zPvTALB8qlNtHa1j2iT5Zg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "a1752d98-cb05-46e0-851e-94da612c34c2", "repository_ids": [ "70dd5db6-1003-4918-9d8a-ec0132a674d1", "8b5329d2-a935-4bac-a139-24b7beeac3ed" ] }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:2920d84eafa0cf94806ab58f0a2124f7b2d35bcbb06fc89a9106dcc28efe397a", "distribution_id": "", "repository_ids": null } ] }, "vulnerabilities": { "+U7CyAHaY71mhNm2Xnq2uw==": { "id": "+U7CyAHaY71mhNm2Xnq2uw==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "+UOyQgpOAnrWS+mVMK5k1Q==": { "id": "+UOyQgpOAnrWS+mVMK5k1Q==", "updater": "rhel-vex", "name": "CVE-2026-0861", "description": "A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.", "issued": "2026-01-14T21:01:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0861 https://bugzilla.redhat.com/show_bug.cgi?id=2429771 https://www.cve.org/CVERecord?id=CVE-2026-0861 https://nvd.nist.gov/vuln/detail/CVE-2026-0861 https://sourceware.org/bugzilla/show_bug.cgi?id=33796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0861.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "/A7M1zrsMND1dKjg2gEuyg==": { "id": "/A7M1zrsMND1dKjg2gEuyg==", "updater": "rhel-vex", "name": "CVE-2026-5450", "description": "A flaw was found in glibc (GNU C Library). This vulnerability occurs when an application uses the `scanf` family of functions with a `%mc` format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination can lead to a one-byte heap buffer overflow, potentially allowing an attacker to corrupt memory.", "issued": "2026-04-20T20:55:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5450 https://bugzilla.redhat.com/show_bug.cgi?id=2459853 https://www.cve.org/CVERecord?id=CVE-2026-5450 https://nvd.nist.gov/vuln/detail/CVE-2026-5450 https://inbox.sourceware.org/libc-announce/b11f0003-6ec1-4bd6-b9de-9e38a4efeca3@redhat.com/T/#u https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2026-5450 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5450.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/jvSCV2RwJ6c/Llx9z8uvA==": { "id": "/jvSCV2RwJ6c/Llx9z8uvA==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "0E1VjQWdmolR9lr9ElIZZQ==": { "id": "0E1VjQWdmolR9lr9ElIZZQ==", "updater": "rhel-vex", "name": "CVE-2026-28389", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28389 https://bugzilla.redhat.com/show_bug.cgi?id=2451096 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28389.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1/8/Mjb4nleg0SsOivHAww==": { "id": "1/8/Mjb4nleg0SsOivHAww==", "updater": "rhel-vex", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "2025-11-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9820 https://bugzilla.redhat.com/show_bug.cgi?id=2392528 https://www.cve.org/CVERecord?id=CVE-2025-9820 https://nvd.nist.gov/vuln/detail/CVE-2025-9820 https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5 https://gitlab.com/gnutls/gnutls/-/issues/1732 https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9820.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "1hhG+RKT0fsxlS/Wf/LWEA==": { "id": "1hhG+RKT0fsxlS/Wf/LWEA==", "updater": "rhel-vex", "name": "CVE-2026-0861", "description": "A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.", "issued": "2026-01-14T21:01:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0861 https://bugzilla.redhat.com/show_bug.cgi?id=2429771 https://www.cve.org/CVERecord?id=CVE-2026-0861 https://nvd.nist.gov/vuln/detail/CVE-2026-0861 https://sourceware.org/bugzilla/show_bug.cgi?id=33796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0861.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "1npmxgSnoYj2MyAhQMaE7g==": { "id": "1npmxgSnoYj2MyAhQMaE7g==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2TDjlt2gAEWsLyBBPigFYw==": { "id": "2TDjlt2gAEWsLyBBPigFYw==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3UNcgW64Eji4iyY2ZDB1cg==": { "id": "3UNcgW64Eji4iyY2ZDB1cg==", "updater": "rhel-vex", "name": "CVE-2026-3783", "description": "A flaw was found in curl. When an OAuth2 bearer token is used for an HTTP(S) transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the `.netrc` file, allowing the bearer token intended for the first host to be sent to the redirected host. This information disclosure could allow an attacker to gain unauthorized access.", "issued": "2026-03-11T10:09:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3783 https://bugzilla.redhat.com/show_bug.cgi?id=2446450 https://www.cve.org/CVERecord?id=CVE-2026-3783 https://nvd.nist.gov/vuln/detail/CVE-2026-3783 http://www.openwall.com/lists/oss-security/2026/03/11/2 https://curl.se/docs/CVE-2026-3783.html https://curl.se/docs/CVE-2026-3783.json https://hackerone.com/reports/3583983 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3783.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3bb0a18NQSPWO0aeq9twVw==": { "id": "3bb0a18NQSPWO0aeq9twVw==", "updater": "rhel-vex", "name": "CVE-2025-69419", "description": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69419 https://bugzilla.redhat.com/show_bug.cgi?id=2430386 https://www.cve.org/CVERecord?id=CVE-2025-69419 https://nvd.nist.gov/vuln/detail/CVE-2025-69419 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69419.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "429KD7e1Cl6AyUZNBGOTQw==": { "id": "429KD7e1Cl6AyUZNBGOTQw==", "updater": "rhel-vex", "name": "CVE-2025-9230", "description": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://www.cve.org/CVERecord?id=CVE-2025-9230 https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json https://access.redhat.com/errata/RHSA-2025:21255", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-4.el9_7", "arch_op": "pattern match" }, "4u3exWl+MPcCOYOgbQLM+A==": { "id": "4u3exWl+MPcCOYOgbQLM+A==", "updater": "rhel-vex", "name": "CVE-2025-69419", "description": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69419 https://bugzilla.redhat.com/show_bug.cgi?id=2430386 https://www.cve.org/CVERecord?id=CVE-2025-69419 https://nvd.nist.gov/vuln/detail/CVE-2025-69419 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69419.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "59oEBlU3jh6EL6gtZDUaug==": { "id": "59oEBlU3jh6EL6gtZDUaug==", "updater": "rhel-vex", "name": "CVE-2026-4437", "description": "A flaw was found in glibc (the GNU C Library). When an application uses the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can cause the application to incorrectly interpret a non-answer section of the DNS response as a valid answer, leading to potential misbehavior or incorrect information processing.", "issued": "2026-03-20T19:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4437 https://bugzilla.redhat.com/show_bug.cgi?id=2449777 https://www.cve.org/CVERecord?id=CVE-2026-4437 https://nvd.nist.gov/vuln/detail/CVE-2026-4437 https://sourceware.org/bugzilla/show_bug.cgi?id=34014 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4437.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5BksN0izCeDRrtFMsNCyvg==": { "id": "5BksN0izCeDRrtFMsNCyvg==", "updater": "rhel-vex", "name": "CVE-2025-9232", "description": "A flaw was found in the OpenSSL HTTP client API no_proxy handling. This vulnerability allows an application level denial of service (application crash) via an attacker-controlled IPv6 URL when the no_proxy environment variable is set.", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9232 https://bugzilla.redhat.com/show_bug.cgi?id=2396056 https://www.cve.org/CVERecord?id=CVE-2025-9232 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9232.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5amguv6OT1njd8r+RXMCQQ==": { "id": "5amguv6OT1njd8r+RXMCQQ==", "updater": "rhel-vex", "name": "CVE-2025-66199", "description": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66199 https://bugzilla.redhat.com/show_bug.cgi?id=2430379 https://www.cve.org/CVERecord?id=CVE-2025-66199 https://nvd.nist.gov/vuln/detail/CVE-2025-66199 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66199.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "6hAQW3vY9ZA/8datv1rY4g==": { "id": "6hAQW3vY9ZA/8datv1rY4g==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6rEIsdyQtCC456AuGwgsDQ==": { "id": "6rEIsdyQtCC456AuGwgsDQ==", "updater": "rhel-vex", "name": "CVE-2025-15079", "description": "A flaw was found in curl. When performing SSH-based transfers using SCP or SFTP, libcurl could mistakenly connect to hosts not listed in the user-specified knownhosts file. This occurs if the host is present in the libssh global knownhosts file, effectively bypassing the intended host verification. This could allow a remote attacker to connect to an untrusted host, potentially leading to information disclosure or man-in-the-middle attacks.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15079 https://bugzilla.redhat.com/show_bug.cgi?id=2426409 https://www.cve.org/CVERecord?id=CVE-2025-15079 https://nvd.nist.gov/vuln/detail/CVE-2025-15079 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15079.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "76mWuVYhbmIFsc4DNorK9A==": { "id": "76mWuVYhbmIFsc4DNorK9A==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "76z9Mpn8Jp7lhZSPsHTHug==": { "id": "76z9Mpn8Jp7lhZSPsHTHug==", "updater": "rhel-vex", "name": "CVE-2025-68973", "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", "issued": "2025-12-28T16:19:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68973 https://bugzilla.redhat.com/show_bug.cgi?id=2425966 https://www.cve.org/CVERecord?id=CVE-2025-68973 https://nvd.nist.gov/vuln/detail/CVE-2025-68973 https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 https://gpg.fail/memcpy https://news.ycombinator.com/item?id=46403200 https://www.openwall.com/lists/oss-security/2025/12/28/5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68973.json https://access.redhat.com/errata/RHSA-2026:0719", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.3.3-5.el9_7", "arch_op": "pattern match" }, "78ARTcr/iVbEbtXWNEyadA==": { "id": "78ARTcr/iVbEbtXWNEyadA==", "updater": "rhel-vex", "name": "CVE-2025-15467", "description": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.", "issued": "2026-01-27T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15467 https://bugzilla.redhat.com/show_bug.cgi?id=2430376 https://www.cve.org/CVERecord?id=CVE-2025-15467 https://nvd.nist.gov/vuln/detail/CVE-2025-15467 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "7aI+wyLEqkIPj2Wh4f1UKg==": { "id": "7aI+wyLEqkIPj2Wh4f1UKg==", "updater": "rhel-vex", "name": "CVE-2026-40356", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40356 https://bugzilla.redhat.com/show_bug.cgi?id=2463368 https://www.cve.org/CVERecord?id=CVE-2026-40356 https://nvd.nist.gov/vuln/detail/CVE-2026-40356 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40356.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7eKrcl3YwGJqhWmZNbH7Eg==": { "id": "7eKrcl3YwGJqhWmZNbH7Eg==", "updater": "rhel-vex", "name": "CVE-2025-11187", "description": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11187 https://bugzilla.redhat.com/show_bug.cgi?id=2430375 https://www.cve.org/CVERecord?id=CVE-2025-11187 https://nvd.nist.gov/vuln/detail/CVE-2025-11187 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11187.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "8MfvwX+dRI6Qt2H+x71rZg==": { "id": "8MfvwX+dRI6Qt2H+x71rZg==", "updater": "rhel-vex", "name": "CVE-2025-15224", "description": "A flaw was found in libcurl. When doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15224 https://bugzilla.redhat.com/show_bug.cgi?id=2426410 https://www.cve.org/CVERecord?id=CVE-2025-15224 https://nvd.nist.gov/vuln/detail/CVE-2025-15224 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15224.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZCpE1M7eqNdy615aO2gLQ==": { "id": "8ZCpE1M7eqNdy615aO2gLQ==", "updater": "rhel-vex", "name": "CVE-2026-0992", "description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0992 https://bugzilla.redhat.com/show_bug.cgi?id=2429975 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://nvd.nist.gov/vuln/detail/CVE-2026-0992 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0992.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8kndQj/aRn+NNJdGVP9v4g==": { "id": "8kndQj/aRn+NNJdGVP9v4g==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9bjl4H6CMWLL3h1g5y6i9Q==": { "id": "9bjl4H6CMWLL3h1g5y6i9Q==", "updater": "rhel-vex", "name": "CVE-2026-5928", "description": "A flaw was found in glibc (GNU C Library). When the `ungetwc` function is called on a file stream using wide characters with specific overlapping single-byte and multi-byte encodings, it may attempt to read data outside of its allocated buffer. This can lead to the unintentional disclosure of sensitive information from memory or cause the program to crash, resulting in a denial of service.", "issued": "2026-04-20T20:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5928 https://bugzilla.redhat.com/show_bug.cgi?id=2459854 https://www.cve.org/CVERecord?id=CVE-2026-5928 https://nvd.nist.gov/vuln/detail/CVE-2026-5928 https://sourceware.org/bugzilla/show_bug.cgi?id=33998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5928.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9iigvnuYDaC8UzcOIDLjIQ==": { "id": "9iigvnuYDaC8UzcOIDLjIQ==", "updater": "rhel-vex", "name": "CVE-2026-24883", "description": "A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service (DoS), making the GnuPG application unavailable to legitimate users.", "issued": "2026-01-27T18:43:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24883 https://bugzilla.redhat.com/show_bug.cgi?id=2433463 https://www.cve.org/CVERecord?id=CVE-2026-24883 https://nvd.nist.gov/vuln/detail/CVE-2026-24883 https://dev.gnupg.org/T8049 https://www.openwall.com/lists/oss-security/2026/01/27/8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24883.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AD3UsMwxeXvBzVWIm5l5yw==": { "id": "AD3UsMwxeXvBzVWIm5l5yw==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AUiFITCnRjRxctzqqbDeeA==": { "id": "AUiFITCnRjRxctzqqbDeeA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Argl342WI7oZtgSo+p9kMA==": { "id": "Argl342WI7oZtgSo+p9kMA==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "AwYRRq6SmgfJLn2NZxQUdw==": { "id": "AwYRRq6SmgfJLn2NZxQUdw==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BheYJlsY7UG2Ru8eF1IU4g==": { "id": "BheYJlsY7UG2Ru8eF1IU4g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libmount", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "D7U85Qc3CYAscEzhSfT76A==": { "id": "D7U85Qc3CYAscEzhSfT76A==", "updater": "rhel-vex", "name": "CVE-2025-15467", "description": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.", "issued": "2026-01-27T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15467 https://bugzilla.redhat.com/show_bug.cgi?id=2430376 https://www.cve.org/CVERecord?id=CVE-2025-15467 https://nvd.nist.gov/vuln/detail/CVE-2025-15467 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "DDxCHnX+kCqcRQj9b90/cg==": { "id": "DDxCHnX+kCqcRQj9b90/cg==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DTApvRZh1HJD5XbbpU3ahw==": { "id": "DTApvRZh1HJD5XbbpU3ahw==", "updater": "rhel-vex", "name": "CVE-2026-1757", "description": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.", "issued": "2026-02-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1757 https://bugzilla.redhat.com/show_bug.cgi?id=2435940 https://www.cve.org/CVERecord?id=CVE-2026-1757 https://nvd.nist.gov/vuln/detail/CVE-2026-1757 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DrIVK8+yvV91OzF2CS9o5A==": { "id": "DrIVK8+yvV91OzF2CS9o5A==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json https://access.redhat.com/errata/RHSA-2025:22660", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.7", "arch_op": "pattern match" }, "Eh3WlvVSpgyvj1kaA5So7g==": { "id": "Eh3WlvVSpgyvj1kaA5So7g==", "updater": "rhel-vex", "name": "CVE-2025-13601", "description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "issued": "2025-11-24T13:00:15Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13601 https://bugzilla.redhat.com/show_bug.cgi?id=2416741 https://www.cve.org/CVERecord?id=CVE-2025-13601 https://nvd.nist.gov/vuln/detail/CVE-2025-13601 https://gitlab.gnome.org/GNOME/glib/-/issues/3827 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13601.json https://access.redhat.com/errata/RHSA-2026:0936", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.68.4-18.el9_7.1", "arch_op": "pattern match" }, "Ez8lHT2uV9Tf9vJC/T4WXg==": { "id": "Ez8lHT2uV9Tf9vJC/T4WXg==", "updater": "rhel-vex", "name": "CVE-2026-4426", "description": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4426 https://bugzilla.redhat.com/show_bug.cgi?id=2449010 https://www.cve.org/CVERecord?id=CVE-2026-4426 https://nvd.nist.gov/vuln/detail/CVE-2026-4426 https://github.com/libarchive/libarchive/pull/2897 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4426.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "F4WBuBnk4OQIl1a5Q4CVPg==": { "id": "F4WBuBnk4OQIl1a5Q4CVPg==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FLpBF1y0CvCfFuXOmlaRZw==": { "id": "FLpBF1y0CvCfFuXOmlaRZw==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json https://access.redhat.com/errata/RHSA-2025:22376", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.13-14.el9_7", "arch_op": "pattern match" }, "FQwXyPZ+oHyxQZ9RBQXbpw==": { "id": "FQwXyPZ+oHyxQZ9RBQXbpw==", "updater": "rhel-vex", "name": "CVE-2025-13034", "description": "A flaw was found in curl. When configured to use public key pinning with QUIC connections and GnuTLS, and with standard certificate verification explicitly disabled, curl could bypass the intended public key check. This oversight allows a malicious server to impersonate a legitimate one, potentially leading to unauthorized access or information disclosure due to a failure in verifying the server's identity.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13034 https://bugzilla.redhat.com/show_bug.cgi?id=2426406 https://www.cve.org/CVERecord?id=CVE-2025-13034 https://nvd.nist.gov/vuln/detail/CVE-2025-13034 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13034.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GAn7gWUe2pFr7PbwechqxA==": { "id": "GAn7gWUe2pFr7PbwechqxA==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GWKQvGJTKzyU9GiQECoFhg==": { "id": "GWKQvGJTKzyU9GiQECoFhg==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "HxI42iSjURjRki+uV6q/9w==": { "id": "HxI42iSjURjRki+uV6q/9w==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Ie7rkr8oApZOM9PK2gFB6A==": { "id": "Ie7rkr8oApZOM9PK2gFB6A==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IrRjtVOpf04EO7iAKFAznQ==": { "id": "IrRjtVOpf04EO7iAKFAznQ==", "updater": "rhel-vex", "name": "CVE-2026-0915", "description": "A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system's `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.", "issued": "2026-01-15T22:08:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0915 https://bugzilla.redhat.com/show_bug.cgi?id=2430201 https://www.cve.org/CVERecord?id=CVE-2026-0915 https://nvd.nist.gov/vuln/detail/CVE-2026-0915 https://sourceware.org/bugzilla/show_bug.cgi?id=33802 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0915.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "Iy2V+5RC7ENxxmnS9KdBOw==": { "id": "Iy2V+5RC7ENxxmnS9KdBOw==", "updater": "rhel-vex", "name": "CVE-2026-0915", "description": "A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system's `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.", "issued": "2026-01-15T22:08:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0915 https://bugzilla.redhat.com/show_bug.cgi?id=2430201 https://www.cve.org/CVERecord?id=CVE-2026-0915 https://nvd.nist.gov/vuln/detail/CVE-2026-0915 https://sourceware.org/bugzilla/show_bug.cgi?id=33802 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0915.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "JK4fCJz1Ja5lmfE/vF5PcQ==": { "id": "JK4fCJz1Ja5lmfE/vF5PcQ==", "updater": "rhel-vex", "name": "CVE-2025-66199", "description": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66199 https://bugzilla.redhat.com/show_bug.cgi?id=2430379 https://www.cve.org/CVERecord?id=CVE-2025-66199 https://nvd.nist.gov/vuln/detail/CVE-2025-66199 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66199.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "JqWXvYyB4T300h7KRcWtFA==": { "id": "JqWXvYyB4T300h7KRcWtFA==", "updater": "rhel-vex", "name": "CVE-2025-13601", "description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "issued": "2025-11-24T13:00:15Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13601 https://bugzilla.redhat.com/show_bug.cgi?id=2416741 https://www.cve.org/CVERecord?id=CVE-2025-13601 https://nvd.nist.gov/vuln/detail/CVE-2025-13601 https://gitlab.gnome.org/GNOME/glib/-/issues/3827 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13601.json https://access.redhat.com/errata/RHSA-2026:0936", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.68.4-18.el9_7.1", "arch_op": "pattern match" }, "Jrkns8qeStFRPhcitcuZ4w==": { "id": "Jrkns8qeStFRPhcitcuZ4w==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "KCgZ2MK707GRfjAO2Q3SOA==": { "id": "KCgZ2MK707GRfjAO2Q3SOA==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "KMGV9rbVZ/vVUNSX6f+JqA==": { "id": "KMGV9rbVZ/vVUNSX6f+JqA==", "updater": "rhel-vex", "name": "CVE-2026-4111", "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.", "issued": "2026-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://www.cve.org/CVERecord?id=CVE-2026-4111 https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://github.com/libarchive/libarchive/pull/2877 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4111.json https://access.redhat.com/errata/RHSA-2026:5080", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-7.el9_7", "arch_op": "pattern match" }, "Kqq2xlybjD/tOLmQWu2xPw==": { "id": "Kqq2xlybjD/tOLmQWu2xPw==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L1pkWyFlg006sdV2pKTg4A==": { "id": "L1pkWyFlg006sdV2pKTg4A==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-fips-provider", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LeWRqc+lggRL8KnG53e6CA==": { "id": "LeWRqc+lggRL8KnG53e6CA==", "updater": "rhel-vex", "name": "CVE-2025-6965", "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "issued": "2025-07-15T13:44:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6965 https://bugzilla.redhat.com/show_bug.cgi?id=2380149 https://www.cve.org/CVERecord?id=CVE-2025-6965 https://nvd.nist.gov/vuln/detail/CVE-2025-6965 https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6965.json https://access.redhat.com/errata/RHSA-2025:20936", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.34.1-9.el9_7", "arch_op": "pattern match" }, "Lhc4n2a9ma6eRDB/RCRmLQ==": { "id": "Lhc4n2a9ma6eRDB/RCRmLQ==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "LuirMfnv2JkWFEU8MUuKUQ==": { "id": "LuirMfnv2JkWFEU8MUuKUQ==", "updater": "rhel-vex", "name": "CVE-2025-13151", "description": "A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the `asn1_expend_octet_string` function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service (DoS) condition, making the affected system or application unavailable.", "issued": "2026-01-07T21:14:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13151 https://bugzilla.redhat.com/show_bug.cgi?id=2427698 https://www.cve.org/CVERecord?id=CVE-2025-13151 https://nvd.nist.gov/vuln/detail/CVE-2025-13151 https://gitlab.com/gnutls/libtasn1 https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13151.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LxYgcRll4fEnbCHHZWt4BA==": { "id": "LxYgcRll4fEnbCHHZWt4BA==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "M293c+QguJ/aaYP3cMwfyQ==": { "id": "M293c+QguJ/aaYP3cMwfyQ==", "updater": "rhel-vex", "name": "CVE-2026-28388", "description": "A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28388 https://bugzilla.redhat.com/show_bug.cgi?id=2451097 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28388.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MT27FBW6q+x91HBvTyGVKQ==": { "id": "MT27FBW6q+x91HBvTyGVKQ==", "updater": "rhel-vex", "name": "CVE-2026-4046", "description": "A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the `iconv()` function. This could lead to an assertion failure, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-30T17:16:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4046 https://bugzilla.redhat.com/show_bug.cgi?id=2453117 https://www.cve.org/CVERecord?id=CVE-2026-4046 https://nvd.nist.gov/vuln/detail/CVE-2026-4046 https://packages.fedoraproject.org/pkgs/glibc/glibc-gconv-extra/ https://sourceware.org/bugzilla/show_bug.cgi?id=33980 https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4046.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "N7otM4CJgwQwy0Mz0UA3Vw==": { "id": "N7otM4CJgwQwy0Mz0UA3Vw==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "NrTzMmbWyM5UeSvnQVNLOg==": { "id": "NrTzMmbWyM5UeSvnQVNLOg==", "updater": "rhel-vex", "name": "CVE-2026-0988", "description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://www.cve.org/CVERecord?id=CVE-2026-0988 https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://gitlab.gnome.org/GNOME/glib/-/issues/3851 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0988.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OB9n4NdBrq+3wlcM9+90Dg==": { "id": "OB9n4NdBrq+3wlcM9+90Dg==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "PUCpgzV2LGcCb5yPJbawGw==": { "id": "PUCpgzV2LGcCb5yPJbawGw==", "updater": "rhel-vex", "name": "CVE-2025-68973", "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", "issued": "2025-12-28T16:19:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68973 https://bugzilla.redhat.com/show_bug.cgi?id=2425966 https://www.cve.org/CVERecord?id=CVE-2025-68973 https://nvd.nist.gov/vuln/detail/CVE-2025-68973 https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 https://gpg.fail/memcpy https://news.ycombinator.com/item?id=46403200 https://www.openwall.com/lists/oss-security/2025/12/28/5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68973.json https://access.redhat.com/errata/RHSA-2026:0719", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.3.3-5.el9_7", "arch_op": "pattern match" }, "PrCrIesi0sSvMQjPpvxecw==": { "id": "PrCrIesi0sSvMQjPpvxecw==", "updater": "rhel-vex", "name": "CVE-2025-14512", "description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14512 https://bugzilla.redhat.com/show_bug.cgi?id=2421339 https://www.cve.org/CVERecord?id=CVE-2025-14512 https://nvd.nist.gov/vuln/detail/CVE-2025-14512 https://gitlab.gnome.org/GNOME/glib/-/issues/3845 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14512.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Pza9Y2xtH9MChVMkZwgw2A==": { "id": "Pza9Y2xtH9MChVMkZwgw2A==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q6o565VsHFcmyuOW6jCOGw==": { "id": "Q6o565VsHFcmyuOW6jCOGw==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "QSP4YGVknCXnnhDrDAxftg==": { "id": "QSP4YGVknCXnnhDrDAxftg==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json https://access.redhat.com/errata/RHSA-2025:22660", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.7", "arch_op": "pattern match" }, "Qbjoqw6Ot3cGOKNyQYBo4g==": { "id": "Qbjoqw6Ot3cGOKNyQYBo4g==", "updater": "rhel-vex", "name": "CVE-2025-14087", "description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093 https://www.cve.org/CVERecord?id=CVE-2025-14087 https://nvd.nist.gov/vuln/detail/CVE-2025-14087 https://gitlab.gnome.org/GNOME/glib/-/issues/3834 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14087.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QskDoDnTSvrQeDXklM4YOw==": { "id": "QskDoDnTSvrQeDXklM4YOw==", "updater": "rhel-vex", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "2026-03-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4105 https://bugzilla.redhat.com/show_bug.cgi?id=2447262 https://www.cve.org/CVERecord?id=CVE-2026-4105 https://nvd.nist.gov/vuln/detail/CVE-2026-4105 https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4105.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RHShqbO2hqcBNPYbKDg/3A==": { "id": "RHShqbO2hqcBNPYbKDg/3A==", "updater": "rhel-vex", "name": "CVE-2026-6732", "description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.", "issued": "2026-04-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6732 https://bugzilla.redhat.com/show_bug.cgi?id=2461300 https://www.cve.org/CVERecord?id=CVE-2026-6732 https://nvd.nist.gov/vuln/detail/CVE-2026-6732 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1097 https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6732.json", "severity": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S5Dzz9cigoJDCj8s5UcT0g==": { "id": "S5Dzz9cigoJDCj8s5UcT0g==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SYSyRuW2vXdWcXLSfRP1aQ==": { "id": "SYSyRuW2vXdWcXLSfRP1aQ==", "updater": "rhel-vex", "name": "CVE-2025-15281", "description": "A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.", "issued": "2026-01-20T13:22:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15281 https://bugzilla.redhat.com/show_bug.cgi?id=2431196 https://www.cve.org/CVERecord?id=CVE-2025-15281 https://nvd.nist.gov/vuln/detail/CVE-2025-15281 https://sourceware.org/bugzilla/show_bug.cgi?id=33814 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15281.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "T+jfDhqJcXwVQ38oWEz/6g==": { "id": "T+jfDhqJcXwVQ38oWEz/6g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libsmartcols", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "TccjTp2Y8sTyWrjrm24IKA==": { "id": "TccjTp2Y8sTyWrjrm24IKA==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libmount", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "TwoNniaY2Urt7TF64epJXg==": { "id": "TwoNniaY2Urt7TF64epJXg==", "updater": "rhel-vex", "name": "CVE-2026-31790", "description": "A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without proper validation. Consequently, the application might send the contents of an uninitialized memory buffer, which could contain confidential information, to the attacker.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31790 https://bugzilla.redhat.com/show_bug.cgi?id=2451094 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31790.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VWEbeFnFOHy1IkG21b5a5g==": { "id": "VWEbeFnFOHy1IkG21b5a5g==", "updater": "rhel-vex", "name": "CVE-2023-30571", "description": "A vulnerability was found in libarchive. This issue can cause a race condition in a multi-threaded use of archive_write_disk_header() on posix based systems, which could allow implicit directory creation with permissions 777, without sticky bit, which means any low privileged user on the system can delete and rename files inside those directories.", "issued": "2023-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-30571 https://bugzilla.redhat.com/show_bug.cgi?id=2210921 https://www.cve.org/CVERecord?id=CVE-2023-30571 https://nvd.nist.gov/vuln/detail/CVE-2023-30571 https://access.redhat.com/solutions/7033331 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-30571.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VYGbkY0i6P3tRJd9mM1wNg==": { "id": "VYGbkY0i6P3tRJd9mM1wNg==", "updater": "rhel-vex", "name": "CVE-2026-1489", "description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1489 https://bugzilla.redhat.com/show_bug.cgi?id=2433348 https://www.cve.org/CVERecord?id=CVE-2026-1489 https://nvd.nist.gov/vuln/detail/CVE-2026-1489 https://gitlab.gnome.org/GNOME/glib/-/issues/3872 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1489.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VzbOWZs6Sa8zFH+GQEnasQ==": { "id": "VzbOWZs6Sa8zFH+GQEnasQ==", "updater": "rhel-vex", "name": "CVE-2026-4878", "description": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.", "issued": "2026-04-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2451615 https://www.cve.org/CVERecord?id=CVE-2026-4878 https://nvd.nist.gov/vuln/detail/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2447554 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libcap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WP0Zjo/ORuC7+jbSIrru8A==": { "id": "WP0Zjo/ORuC7+jbSIrru8A==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "WVv0x6iWhzRgZZTPZ190Ng==": { "id": "WVv0x6iWhzRgZZTPZ190Ng==", "updater": "rhel-vex", "name": "CVE-2026-28386", "description": "A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequent page is unmapped. This can lead to an out-of-bounds read of up to 15 bytes and a potential application crash.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28386 https://bugzilla.redhat.com/show_bug.cgi?id=2451099 https://www.cve.org/CVERecord?id=CVE-2026-28386 https://nvd.nist.gov/vuln/detail/CVE-2026-28386 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28386.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WxO9le6q4ACTs4KnSuckDw==": { "id": "WxO9le6q4ACTs4KnSuckDw==", "updater": "rhel-vex", "name": "CVE-2024-56433", "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "issued": "2024-12-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56433 https://bugzilla.redhat.com/show_bug.cgi?id=2334165 https://www.cve.org/CVERecord?id=CVE-2024-56433 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56433.json https://access.redhat.com/errata/RHSA-2025:20559", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "2:4.9-15.el9", "arch_op": "pattern match" }, "X7DmUVoCri5i6vdYVBBgXg==": { "id": "X7DmUVoCri5i6vdYVBBgXg==", "updater": "rhel-vex", "name": "CVE-2026-1965", "description": "A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the authentication of a previous user, leading to an authentication bypass.", "issued": "2026-03-11T10:08:52Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1965 https://bugzilla.redhat.com/show_bug.cgi?id=2446448 https://www.cve.org/CVERecord?id=CVE-2026-1965 https://nvd.nist.gov/vuln/detail/CVE-2026-1965 https://curl.se/docs/CVE-2026-1965.html https://curl.se/docs/CVE-2026-1965.json https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1965.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XPUXyp+BOEJyEGOgXafi8Q==": { "id": "XPUXyp+BOEJyEGOgXafi8Q==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in libiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XdzUGUJMTsfPfs79OXKU4Q==": { "id": "XdzUGUJMTsfPfs79OXKU4Q==", "updater": "rhel-vex", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "2026-02-09T14:26:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14831 https://bugzilla.redhat.com/show_bug.cgi?id=2423177 https://www.cve.org/CVERecord?id=CVE-2025-14831 https://nvd.nist.gov/vuln/detail/CVE-2025-14831 https://gitlab.com/gnutls/gnutls/-/issues/1773 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14831.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "YIlv6HIDfGqvZL/MDTWWpg==": { "id": "YIlv6HIDfGqvZL/MDTWWpg==", "updater": "rhel-vex", "name": "CVE-2026-3805", "description": "A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.", "issued": "2026-03-11T10:09:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3805 https://bugzilla.redhat.com/show_bug.cgi?id=2446451 https://www.cve.org/CVERecord?id=CVE-2026-3805 https://nvd.nist.gov/vuln/detail/CVE-2026-3805 http://www.openwall.com/lists/oss-security/2026/03/11/4 https://curl.se/docs/CVE-2026-3805.html https://curl.se/docs/CVE-2026-3805.json https://hackerone.com/reports/3591944 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3805.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YX2rGofSXHBcNhTOGpNkAA==": { "id": "YX2rGofSXHBcNhTOGpNkAA==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "YtNpM5pykErH+UBXZABWdg==": { "id": "YtNpM5pykErH+UBXZABWdg==", "updater": "rhel-vex", "name": "CVE-2026-28390", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T22:00:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28390.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a9FllBAJiFi5FeYl0KG4aQ==": { "id": "a9FllBAJiFi5FeYl0KG4aQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "aOUfuyvyyWEe7Z1IZT+fGw==": { "id": "aOUfuyvyyWEe7Z1IZT+fGw==", "updater": "rhel-vex", "name": "CVE-2026-34743", "description": "A flaw was found in XZ Utils. When the `lzma_index_decoder()` function processes an empty index, and a subsequent `lzma_index_append()` operation is performed, insufficient memory is allocated. This can lead to a buffer overflow, potentially causing a denial of service (DoS) for affected systems.", "issued": "2026-04-02T18:36:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34743 https://bugzilla.redhat.com/show_bug.cgi?id=2454589 https://www.cve.org/CVERecord?id=CVE-2026-34743 https://nvd.nist.gov/vuln/detail/CVE-2026-34743 https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87 https://github.com/tukaani-project/xz/releases/tag/v5.8.3 https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34743.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "xz", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "bOC69k4Gpn8Av1w/ra2Tdw==": { "id": "bOC69k4Gpn8Av1w/ra2Tdw==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libuuid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "bgJs7DKkcMwNTsh9yTDgQg==": { "id": "bgJs7DKkcMwNTsh9yTDgQg==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libblkid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "bjyLMZdYnkrpUxDySiQ34Q==": { "id": "bjyLMZdYnkrpUxDySiQ34Q==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "bugTfOdgCaATW4vTnuXTSQ==": { "id": "bugTfOdgCaATW4vTnuXTSQ==", "updater": "rhel-vex", "name": "CVE-2025-70873", "description": "A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.", "issued": "2026-03-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-70873 https://bugzilla.redhat.com/show_bug.cgi?id=2447086 https://www.cve.org/CVERecord?id=CVE-2025-70873 https://nvd.nist.gov/vuln/detail/CVE-2025-70873 https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054 https://sqlite.org/forum/forumpost/761eac3c82 https://sqlite.org/src/info/3d459f1fb1bd1b5e https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-70873.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "d/522T+B/ARMNSG+3QfAWA==": { "id": "d/522T+B/ARMNSG+3QfAWA==", "updater": "rhel-vex", "name": "CVE-2026-22185", "description": "A flaw was found in OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load. When processing malformed input, a local attacker can exploit a heap buffer underflow vulnerability in the readline() function. This can lead to an out-of-bounds read, potentially causing a denial of service (DoS) and limited disclosure of heap memory contents.", "issued": "2026-01-07T20:26:30Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22185 https://bugzilla.redhat.com/show_bug.cgi?id=2427679 https://www.cve.org/CVERecord?id=CVE-2026-22185 https://nvd.nist.gov/vuln/detail/CVE-2026-22185 https://seclists.org/fulldisclosure/2026/Jan/5 https://seclists.org/fulldisclosure/2026/Jan/8 https://www.openldap.org/ https://www.vulncheck.com/advisories/openldap-lmdb-mdb-load-heap-buffer-underflow-in-readline https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22185.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openldap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e/EuZlSZUQTHCSl8kHuFag==": { "id": "e/EuZlSZUQTHCSl8kHuFag==", "updater": "rhel-vex", "name": "CVE-2025-11187", "description": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11187 https://bugzilla.redhat.com/show_bug.cgi?id=2430375 https://www.cve.org/CVERecord?id=CVE-2025-11187 https://nvd.nist.gov/vuln/detail/CVE-2025-11187 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11187.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "e0/Fzu8wfMZp9zX32i9rMQ==": { "id": "e0/Fzu8wfMZp9zX32i9rMQ==", "updater": "rhel-vex", "name": "CVE-2026-27456", "description": "A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the `mount` program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use (TOCTOU) window where an attacker can substitute the intended file with a malicious symbolic link. This allows a local unprivileged user to mount any root-owned file or block device that contains a valid filesystem, gaining full read access to its contents.", "issued": "2026-04-03T21:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27456 https://bugzilla.redhat.com/show_bug.cgi?id=2454956 https://www.cve.org/CVERecord?id=CVE-2026-27456 https://nvd.nist.gov/vuln/detail/CVE-2026-27456 https://github.com/util-linux/util-linux/commit/5e390467b26a3cf3fecc04e1a0d482dff3162fc4 https://github.com/util-linux/util-linux/releases/tag/v2.41.4 https://github.com/util-linux/util-linux/security/advisories/GHSA-qq4x-vfq4-9h9g https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27456.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e0VfCD1REapdkagkByCnXQ==": { "id": "e0VfCD1REapdkagkByCnXQ==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eUh0vSDVmqXTnsB7jL0b4g==": { "id": "eUh0vSDVmqXTnsB7jL0b4g==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "f6oGdnhZomBa/bs3snB3kA==": { "id": "f6oGdnhZomBa/bs3snB3kA==", "updater": "rhel-vex", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "2026-02-09T14:26:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14831 https://bugzilla.redhat.com/show_bug.cgi?id=2423177 https://www.cve.org/CVERecord?id=CVE-2025-14831 https://nvd.nist.gov/vuln/detail/CVE-2025-14831 https://gitlab.com/gnutls/gnutls/-/issues/1773 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14831.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "fFM0zIKtKuexRqlZMkzQpg==": { "id": "fFM0zIKtKuexRqlZMkzQpg==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "g6ZHihkpvpkr3oZoVOs05w==": { "id": "g6ZHihkpvpkr3oZoVOs05w==", "updater": "rhel-vex", "name": "CVE-2025-6965", "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "issued": "2025-07-15T13:44:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6965 https://bugzilla.redhat.com/show_bug.cgi?id=2380149 https://www.cve.org/CVERecord?id=CVE-2025-6965 https://nvd.nist.gov/vuln/detail/CVE-2025-6965 https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6965.json https://access.redhat.com/errata/RHSA-2025:20936", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.34.1-9.el9_7", "arch_op": "pattern match" }, "hHDtCxiuvJ9VSCSwnEG0Fw==": { "id": "hHDtCxiuvJ9VSCSwnEG0Fw==", "updater": "rhel-vex", "name": "CVE-2026-27135", "description": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).", "issued": "2026-03-18T17:59:02Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27135 https://bugzilla.redhat.com/show_bug.cgi?id=2448754 https://www.cve.org/CVERecord?id=CVE-2026-27135 https://nvd.nist.gov/vuln/detail/CVE-2026-27135 https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27135.json https://access.redhat.com/errata/RHSA-2026:7668", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libnghttp2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.43.0-6.el9_7.1", "arch_op": "pattern match" }, "iF/o4aDbQf1DAw7R+LiVQw==": { "id": "iF/o4aDbQf1DAw7R+LiVQw==", "updater": "rhel-vex", "name": "CVE-2025-68972", "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", "issued": "2025-12-27T22:52:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68972 https://bugzilla.redhat.com/show_bug.cgi?id=2425646 https://www.cve.org/CVERecord?id=CVE-2025-68972 https://nvd.nist.gov/vuln/detail/CVE-2025-68972 https://gpg.fail/formfeed https://news.ycombinator.com/item?id=46404339 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68972.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ija3h8P09PxwjEuLSUS2HA==": { "id": "ija3h8P09PxwjEuLSUS2HA==", "updater": "rhel-vex", "name": "CVE-2026-4438", "description": "A flaw was found in the GNU C library (glibc). When applications use the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.", "issued": "2026-03-20T19:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4438 https://bugzilla.redhat.com/show_bug.cgi?id=2449783 https://www.cve.org/CVERecord?id=CVE-2026-4438 https://nvd.nist.gov/vuln/detail/CVE-2026-4438 https://sourceware.org/bugzilla/show_bug.cgi?id=34015 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4438.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ixD2h349uZz3eCy55KxIlw==": { "id": "ixD2h349uZz3eCy55KxIlw==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "ixc06f0H9vqMfsbwQSwwvA==": { "id": "ixc06f0H9vqMfsbwQSwwvA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j/vFtwZCr4ow5q2VPKgR9g==": { "id": "j/vFtwZCr4ow5q2VPKgR9g==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "jiVVTQmOtKqVixv7agF/Hg==": { "id": "jiVVTQmOtKqVixv7agF/Hg==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "klH60uFrR0WkawaSlcOEKg==": { "id": "klH60uFrR0WkawaSlcOEKg==", "updater": "rhel-vex", "name": "CVE-2026-1484", "description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259 https://www.cve.org/CVERecord?id=CVE-2026-1484 https://nvd.nist.gov/vuln/detail/CVE-2026-1484 https://gitlab.gnome.org/GNOME/glib/-/issues/3870 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1484.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "l1pK1ezh6e0g8I+Dp2iK7w==": { "id": "l1pK1ezh6e0g8I+Dp2iK7w==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "l6IrI73Pg+lrisEtcgX+0Q==": { "id": "l6IrI73Pg+lrisEtcgX+0Q==", "updater": "rhel-vex", "name": "CVE-2026-3784", "description": "A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker gaining unauthorized access to resources or information intended for a different user.", "issued": "2026-03-11T10:09:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3784 https://bugzilla.redhat.com/show_bug.cgi?id=2446449 https://www.cve.org/CVERecord?id=CVE-2026-3784 https://nvd.nist.gov/vuln/detail/CVE-2026-3784 http://www.openwall.com/lists/oss-security/2026/03/11/3 https://curl.se/docs/CVE-2026-3784.html https://curl.se/docs/CVE-2026-3784.json https://hackerone.com/reports/3584903 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3784.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lQBARBTddFvexevUD04GZA==": { "id": "lQBARBTddFvexevUD04GZA==", "updater": "rhel-vex", "name": "CVE-2026-5745", "description": "A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare \"d\" or \"default\" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5745 https://bugzilla.redhat.com/show_bug.cgi?id=2455921 https://www.cve.org/CVERecord?id=CVE-2026-5745 https://nvd.nist.gov/vuln/detail/CVE-2026-5745 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5745.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lppk3oI+Rm/KVCEYBGVKcg==": { "id": "lppk3oI+Rm/KVCEYBGVKcg==", "updater": "rhel-vex", "name": "CVE-2026-40355", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40355 https://bugzilla.redhat.com/show_bug.cgi?id=2463370 https://www.cve.org/CVERecord?id=CVE-2026-40355 https://nvd.nist.gov/vuln/detail/CVE-2026-40355 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40355.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mJw+LvAbCoVMIOZXCXNFpg==": { "id": "mJw+LvAbCoVMIOZXCXNFpg==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mYgwcPpa/l0bTZdysqbplg==": { "id": "mYgwcPpa/l0bTZdysqbplg==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json https://access.redhat.com/errata/RHSA-2025:22376", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.13-14.el9_7", "arch_op": "pattern match" }, "mZCCwO//htsOIXazj/SeOw==": { "id": "mZCCwO//htsOIXazj/SeOw==", "updater": "rhel-vex", "name": "CVE-2026-31789", "description": "A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31789 https://bugzilla.redhat.com/show_bug.cgi?id=2451095 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31789.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ncqqUTuMttuUZ8SF9/Ywrg==": { "id": "ncqqUTuMttuUZ8SF9/Ywrg==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "oqSc7q4k6wTno/u9knscCQ==": { "id": "oqSc7q4k6wTno/u9knscCQ==", "updater": "rhel-vex", "name": "CVE-2024-9681", "description": "A vulnerability was found in curl. When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than intended.", "issued": "2024-11-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9681 https://bugzilla.redhat.com/show_bug.cgi?id=2322969 https://www.cve.org/CVERecord?id=CVE-2024-9681 https://nvd.nist.gov/vuln/detail/CVE-2024-9681 https://hackerone.com/reports/2764830 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9681.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qFIYjZJeFnLAVC7lR0n6oQ==": { "id": "qFIYjZJeFnLAVC7lR0n6oQ==", "updater": "rhel-vex", "name": "CVE-2026-0989", "description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0989 https://bugzilla.redhat.com/show_bug.cgi?id=2429933 https://www.cve.org/CVERecord?id=CVE-2026-0989 https://nvd.nist.gov/vuln/detail/CVE-2026-0989 https://gitlab.gnome.org/GNOME/libxml2/-/issues/998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0989.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rz/CPeG1fPitayrSa0BFxQ==": { "id": "rz/CPeG1fPitayrSa0BFxQ==", "updater": "rhel-vex", "name": "CVE-2025-9086", "description": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.", "issued": "2025-09-12T05:10:03Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9086 https://bugzilla.redhat.com/show_bug.cgi?id=2394750 https://www.cve.org/CVERecord?id=CVE-2025-9086 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9086.json https://access.redhat.com/errata/RHSA-2026:1350", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl-minimal", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:7.76.1-35.el9_7.3", "arch_op": "pattern match" }, "sJNoOKrtqJYf9M2tWcTlqg==": { "id": "sJNoOKrtqJYf9M2tWcTlqg==", "updater": "rhel-vex", "name": "CVE-2025-15281", "description": "A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.", "issued": "2026-01-20T13:22:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15281 https://bugzilla.redhat.com/show_bug.cgi?id=2431196 https://www.cve.org/CVERecord?id=CVE-2025-15281 https://nvd.nist.gov/vuln/detail/CVE-2025-15281 https://sourceware.org/bugzilla/show_bug.cgi?id=33814 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15281.json https://access.redhat.com/errata/RHSA-2026:2786", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.34-231.el9_7.10", "arch_op": "pattern match" }, "smB1yCGhBb8gDhPAER7odg==": { "id": "smB1yCGhBb8gDhPAER7odg==", "updater": "rhel-vex", "name": "CVE-2025-14524", "description": "A flaw was found in curl. When an OAuth2 (Open Authorization) bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a different scheme like IMAP, LDAP, POP3, or SMTP, curl might incorrectly pass the bearer token to the new target host. This could lead to information disclosure, where sensitive authentication tokens are exposed to unintended recipients.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14524 https://bugzilla.redhat.com/show_bug.cgi?id=2426407 https://www.cve.org/CVERecord?id=CVE-2025-14524 https://nvd.nist.gov/vuln/detail/CVE-2025-14524 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14524.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "svCt47J2Zwa45xj8gn3U/w==": { "id": "svCt47J2Zwa45xj8gn3U/w==", "updater": "rhel-vex", "name": "CVE-2026-1485", "description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1485 https://bugzilla.redhat.com/show_bug.cgi?id=2433325 https://www.cve.org/CVERecord?id=CVE-2026-1485 https://nvd.nist.gov/vuln/detail/CVE-2026-1485 https://gitlab.gnome.org/GNOME/glib/-/issues/3871 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1485.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sykv+pGN4TXggZNIwL/H4g==": { "id": "sykv+pGN4TXggZNIwL/H4g==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tbhLz74i3ShwS72WbIsoOA==": { "id": "tbhLz74i3ShwS72WbIsoOA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u0cs09LPRVEEfen4PHM6gA==": { "id": "u0cs09LPRVEEfen4PHM6gA==", "updater": "rhel-vex", "name": "CVE-2026-0990", "description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0990 https://bugzilla.redhat.com/show_bug.cgi?id=2429959 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://nvd.nist.gov/vuln/detail/CVE-2026-0990 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0990.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u90uEyQ6vxfKeIQvjGNTHQ==": { "id": "u90uEyQ6vxfKeIQvjGNTHQ==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "uWz4SaM79VpO4EPAy+0C8g==": { "id": "uWz4SaM79VpO4EPAy+0C8g==", "updater": "rhel-vex", "name": "CVE-2026-5435", "description": "A flaw was found in glibc, the GNU C Library. Specifically, deprecated functions responsible for printing TSIG (Transaction Signature) records fail to properly manage memory buffers. This oversight can lead to an out-of-bounds write when processing specially crafted TSIG records. An attacker could exploit this to cause a denial of service or potentially execute arbitrary code.", "issued": "2026-04-28T11:58:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5435 https://bugzilla.redhat.com/show_bug.cgi?id=2463465 https://www.cve.org/CVERecord?id=CVE-2026-5435 https://nvd.nist.gov/vuln/detail/CVE-2026-5435 https://inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/#u https://sourceware.org/bugzilla/show_bug.cgi?id=34033 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5435.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uaetuJImncB6wudykQLpEA==": { "id": "uaetuJImncB6wudykQLpEA==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior. This bug does not compromise the integrity or availability of the base system.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uu3d3lIlYVCZwOjqoNec3g==": { "id": "uu3d3lIlYVCZwOjqoNec3g==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libblkid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "vQmd/px1n2vUjUceHOjVLA==": { "id": "vQmd/px1n2vUjUceHOjVLA==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vtpIIEEoAREfzDi0+K26Fg==": { "id": "vtpIIEEoAREfzDi0+K26Fg==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8510", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-9.el9_7", "arch_op": "pattern match" }, "xxrOMZzPk7ETmnvrIjBo0A==": { "id": "xxrOMZzPk7ETmnvrIjBo0A==", "updater": "rhel-vex", "name": "CVE-2025-60753", "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", "issued": "2025-11-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-60753 https://bugzilla.redhat.com/show_bug.cgi?id=2412648 https://www.cve.org/CVERecord?id=CVE-2025-60753 https://nvd.nist.gov/vuln/detail/CVE-2025-60753 https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753 https://github.com/libarchive/libarchive/issues/2725 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-60753.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "y/3qWQj3xOUQpm2CUr+ftg==": { "id": "y/3qWQj3xOUQpm2CUr+ftg==", "updater": "rhel-vex", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "2025-11-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9820 https://bugzilla.redhat.com/show_bug.cgi?id=2392528 https://www.cve.org/CVERecord?id=CVE-2025-9820 https://nvd.nist.gov/vuln/detail/CVE-2025-9820 https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5 https://gitlab.com/gnutls/gnutls/-/issues/1732 https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9820.json https://access.redhat.com/errata/RHSA-2026:4188", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.8.3-10.el9_7", "arch_op": "pattern match" }, "y7I268PAr74OoToX85XE8w==": { "id": "y7I268PAr74OoToX85XE8w==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json https://access.redhat.com/errata/RHSA-2026:1473", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-7.el9_7", "arch_op": "pattern match" }, "yUucg71orzE08FiDgaKBPQ==": { "id": "yUucg71orzE08FiDgaKBPQ==", "updater": "rhel-vex", "name": "CVE-2025-9230", "description": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://www.cve.org/CVERecord?id=CVE-2025-9230 https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json https://access.redhat.com/errata/RHSA-2025:21255", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:3.5.1-4.el9_7", "arch_op": "pattern match" }, "ymKqobod4xPivmLT/iq9oQ==": { "id": "ymKqobod4xPivmLT/iq9oQ==", "updater": "rhel-vex", "name": "CVE-2026-41990", "description": "A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a bounds check when writing to a static array. While the data involved is not directly controlled by an attacker, this vulnerability could lead to memory corruption, potentially resulting in a denial of service (DoS) or affecting data integrity.", "issued": "2026-04-23T04:39:04Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41990 https://bugzilla.redhat.com/show_bug.cgi?id=2461068 https://www.cve.org/CVERecord?id=CVE-2026-41990 https://nvd.nist.gov/vuln/detail/CVE-2026-41990 https://dev.gnupg.org/T8208 https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.html https://www.openwall.com/lists/oss-security/2026/04/21/1 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41990.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yzZzF1vLZmeTiLJMgY7W0Q==": { "id": "yzZzF1vLZmeTiLJMgY7W0Q==", "updater": "rhel-vex", "name": "CVE-2025-7039", "description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "issued": "2025-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-7039 https://bugzilla.redhat.com/show_bug.cgi?id=2392423 https://www.cve.org/CVERecord?id=CVE-2025-7039 https://nvd.nist.gov/vuln/detail/CVE-2025-7039 https://gitlab.gnome.org/GNOME/glib/-/issues/3716 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-7039.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "z/beWyrkyrQJfgGCkMIsWg==": { "id": "z/beWyrkyrQJfgGCkMIsWg==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libsmartcols", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "zmNQpHydwXFAJmLcFFYiyQ==": { "id": "zmNQpHydwXFAJmLcFFYiyQ==", "updater": "rhel-vex", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369 https://www.cve.org/CVERecord?id=CVE-2025-14104 https://nvd.nist.gov/vuln/detail/CVE-2025-14104 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14104.json https://access.redhat.com/errata/RHSA-2026:1913", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libuuid", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.37.4-21.el9_7", "arch_op": "pattern match" }, "znnZtQrOfSxqGV/OZKzI5g==": { "id": "znnZtQrOfSxqGV/OZKzI5g==", "updater": "rhel-vex", "name": "CVE-2026-4111", "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.", "issued": "2026-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://www.cve.org/CVERecord?id=CVE-2026-4111 https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://github.com/libarchive/libarchive/pull/2877 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4111.json https://access.redhat.com/errata/RHSA-2026:5080", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.5.3-7.el9_7", "arch_op": "pattern match" }, "zqGJegkbTlVqcHBa6HtRTQ==": { "id": "zqGJegkbTlVqcHBa6HtRTQ==", "updater": "rhel-vex", "name": "CVE-2025-14017", "description": "A flaw was found in curl. When performing multi-threaded LDAPS (Lightweight Directory Access Protocol Secure) transfers, changes to Transport Layer Security (TLS) options in one thread could inadvertently apply globally, affecting other concurrent transfers. This could lead to unintended security posture changes, such as disabling certificate verification for other threads. This vulnerability can result in a security bypass, where expected security checks are not performed.", "issued": "2026-01-08T10:07:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14017 https://bugzilla.redhat.com/show_bug.cgi?id=2427870 https://www.cve.org/CVERecord?id=CVE-2025-14017 https://nvd.nist.gov/vuln/detail/CVE-2025-14017 https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14017.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" } }, "package_vulnerabilities": { "+bwl6UbMaWOBWdHNekJsEw==": [ "AD3UsMwxeXvBzVWIm5l5yw==" ], "/L1kFEoHZTukrNTCQLypFQ==": [ "aOUfuyvyyWEe7Z1IZT+fGw==" ], "/ub7EE8Da46T0x7lRdlVJg==": [ "z/beWyrkyrQJfgGCkMIsWg==", "T+jfDhqJcXwVQ38oWEz/6g==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "2gCbp4kt+cF44NF/LqukDg==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "6WyRl8U3PR6ipKlxqlBzFA==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "7mDaaxs3ev+uNEDYC97U3Q==": [ "1npmxgSnoYj2MyAhQMaE7g==" ], "7ra56f21gLrcSpBD8a9+NQ==": [ "BheYJlsY7UG2Ru8eF1IU4g==", "TccjTp2Y8sTyWrjrm24IKA==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "CpfomSYboaXPZ9yn9NgGgw==": [ "7aI+wyLEqkIPj2Wh4f1UKg==", "lppk3oI+Rm/KVCEYBGVKcg==" ], "FZ9gWulzkx76xjTSH/yM/g==": [ "L1pkWyFlg006sdV2pKTg4A==" ], "FrUQI+koTfbikRk1jsFd0w==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "IZ65O3ZOapykHwhaOX1/YA==": [ "hHDtCxiuvJ9VSCSwnEG0Fw==" ], "KXUGN6voGlWUMRN5TCFy4w==": [ "QSP4YGVknCXnnhDrDAxftg==", "DrIVK8+yvV91OzF2CS9o5A==", "QskDoDnTSvrQeDXklM4YOw==", "vQmd/px1n2vUjUceHOjVLA==" ], "M9YTWinowLqOqX/+8mbhjg==": [ "LeWRqc+lggRL8KnG53e6CA==", "g6ZHihkpvpkr3oZoVOs05w==", "bugTfOdgCaATW4vTnuXTSQ==", "HxI42iSjURjRki+uV6q/9w==" ], "O1acB+rpl9OLkk9I6phF7Q==": [ "WxO9le6q4ACTs4KnSuckDw==" ], "OCIjbR16ktOEiFK36r0WNw==": [ "LuirMfnv2JkWFEU8MUuKUQ==" ], "OaFmq38HlbKLTTEM/qATzg==": [ "rz/CPeG1fPitayrSa0BFxQ==", "l1pK1ezh6e0g8I+Dp2iK7w==", "6rEIsdyQtCC456AuGwgsDQ==", "8MfvwX+dRI6Qt2H+x71rZg==", "oqSc7q4k6wTno/u9knscCQ==", "zqGJegkbTlVqcHBa6HtRTQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "smB1yCGhBb8gDhPAER7odg==", "l6IrI73Pg+lrisEtcgX+0Q==", "YIlv6HIDfGqvZL/MDTWWpg==", "FQwXyPZ+oHyxQZ9RBQXbpw==", "X7DmUVoCri5i6vdYVBBgXg==", "a9FllBAJiFi5FeYl0KG4aQ==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ "ymKqobod4xPivmLT/iq9oQ==" ], "PIk2BBAWexCFofMi5q03RA==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "S8p9UGak1oycptcpYp/1eg==": [ "d/522T+B/ARMNSG+3QfAWA==" ], "SjQtW3gQmgt+Qj8JlnY4Mg==": [ "bgJs7DKkcMwNTsh9yTDgQg==", "uu3d3lIlYVCZwOjqoNec3g==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "WtG8AvirpmNJ8wVE+fxfGQ==": [ "FLpBF1y0CvCfFuXOmlaRZw==", "AwYRRq6SmgfJLn2NZxQUdw==", "qFIYjZJeFnLAVC7lR0n6oQ==", "RHShqbO2hqcBNPYbKDg/3A==", "8kndQj/aRn+NNJdGVP9v4g==", "DTApvRZh1HJD5XbbpU3ahw==", "jiVVTQmOtKqVixv7agF/Hg==", "u0cs09LPRVEEfen4PHM6gA==", "F4WBuBnk4OQIl1a5Q4CVPg==", "8ZCpE1M7eqNdy615aO2gLQ==", "mYgwcPpa/l0bTZdysqbplg==" ], "XJlS+gwEt7T+nNr/Bflqzg==": [ "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==" ], "XMkvB1ljVS0bNTUu2UEs3g==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "ZabCZVOpeuHGnRiGdzqBig==": [ "L1pkWyFlg006sdV2pKTg4A==" ], "ayTA+mXRKgSCRl5LaqP4/w==": [ "JqWXvYyB4T300h7KRcWtFA==", "klH60uFrR0WkawaSlcOEKg==", "VYGbkY0i6P3tRJd9mM1wNg==", "PrCrIesi0sSvMQjPpvxecw==", "Qbjoqw6Ot3cGOKNyQYBo4g==", "e0VfCD1REapdkagkByCnXQ==", "svCt47J2Zwa45xj8gn3U/w==", "ixc06f0H9vqMfsbwQSwwvA==", "yzZzF1vLZmeTiLJMgY7W0Q==", "NrTzMmbWyM5UeSvnQVNLOg==", "Eh3WlvVSpgyvj1kaA5So7g==" ], "eK3V3oi6vbIfOQRAcWBYDw==": [ "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==" ], "iVtx1BX52G3zRfk+g/oWIg==": [ "78ARTcr/iVbEbtXWNEyadA==", "7eKrcl3YwGJqhWmZNbH7Eg==", "KCgZ2MK707GRfjAO2Q3SOA==", "Q6o565VsHFcmyuOW6jCOGw==", "fFM0zIKtKuexRqlZMkzQpg==", "3bb0a18NQSPWO0aeq9twVw==", "WP0Zjo/ORuC7+jbSIrru8A==", "Argl342WI7oZtgSo+p9kMA==", "ncqqUTuMttuUZ8SF9/Ywrg==", "u90uEyQ6vxfKeIQvjGNTHQ==", "429KD7e1Cl6AyUZNBGOTQw==", "OB9n4NdBrq+3wlcM9+90Dg==", "JK4fCJz1Ja5lmfE/vF5PcQ==", "D7U85Qc3CYAscEzhSfT76A==", "e/EuZlSZUQTHCSl8kHuFag==", "+U7CyAHaY71mhNm2Xnq2uw==", "y7I268PAr74OoToX85XE8w==", "bjyLMZdYnkrpUxDySiQ34Q==", "4u3exWl+MPcCOYOgbQLM+A==", "ixD2h349uZz3eCy55KxIlw==", "j/vFtwZCr4ow5q2VPKgR9g==", "/jvSCV2RwJ6c/Llx9z8uvA==", "Jrkns8qeStFRPhcitcuZ4w==", "yUucg71orzE08FiDgaKBPQ==", "GWKQvGJTKzyU9GiQECoFhg==", "5amguv6OT1njd8r+RXMCQQ==", "2TDjlt2gAEWsLyBBPigFYw==", "WVv0x6iWhzRgZZTPZ190Ng==", "M293c+QguJ/aaYP3cMwfyQ==", "Ie7rkr8oApZOM9PK2gFB6A==", "0E1VjQWdmolR9lr9ElIZZQ==", "6hAQW3vY9ZA/8datv1rY4g==", "TwoNniaY2Urt7TF64epJXg==", "mZCCwO//htsOIXazj/SeOw==", "YtNpM5pykErH+UBXZABWdg==", "5BksN0izCeDRrtFMsNCyvg==" ], "izPQpATHYfezyT+kcua/tQ==": [ "1/8/Mjb4nleg0SsOivHAww==", "XdzUGUJMTsfPfs79OXKU4Q==", "y/3qWQj3xOUQpm2CUr+ftg==", "f6oGdnhZomBa/bs3snB3kA==" ], "kAEPeyZOK/FwFoG6mOFUbQ==": [ "VzbOWZs6Sa8zFH+GQEnasQ==" ], "lad8JH31WlI0MsNEYhUWlA==": [ "Iy2V+5RC7ENxxmnS9KdBOw==", "SYSyRuW2vXdWcXLSfRP1aQ==", "1hhG+RKT0fsxlS/Wf/LWEA==", "uWz4SaM79VpO4EPAy+0C8g==", "/A7M1zrsMND1dKjg2gEuyg==", "ija3h8P09PxwjEuLSUS2HA==", "59oEBlU3jh6EL6gtZDUaug==", "9bjl4H6CMWLL3h1g5y6i9Q==", "MT27FBW6q+x91HBvTyGVKQ==", "IrRjtVOpf04EO7iAKFAznQ==", "sJNoOKrtqJYf9M2tWcTlqg==", "+UOyQgpOAnrWS+mVMK5k1Q==" ], "mDM1q1sl0PqUWEn54kTSRw==": [ "N7otM4CJgwQwy0Mz0UA3Vw==", "Lhc4n2a9ma6eRDB/RCRmLQ==", "6rEIsdyQtCC456AuGwgsDQ==", "8MfvwX+dRI6Qt2H+x71rZg==", "oqSc7q4k6wTno/u9knscCQ==", "zqGJegkbTlVqcHBa6HtRTQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "smB1yCGhBb8gDhPAER7odg==", "l6IrI73Pg+lrisEtcgX+0Q==", "YIlv6HIDfGqvZL/MDTWWpg==", "FQwXyPZ+oHyxQZ9RBQXbpw==", "X7DmUVoCri5i6vdYVBBgXg==", "a9FllBAJiFi5FeYl0KG4aQ==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "nzQEyt4JfkGeZIIHPiBhog==": [ "zmNQpHydwXFAJmLcFFYiyQ==", "bOC69k4Gpn8Av1w/ra2Tdw==", "e0/Fzu8wfMZp9zX32i9rMQ==" ], "nzlusFbkan5h1d1Ks+BKBQ==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "rY/kE/V4JnxYoqV+lmc9mg==": [ "DDxCHnX+kCqcRQj9b90/cg==" ], "v3i4ez5juML2ZWwR+6dFFg==": [ "PUCpgzV2LGcCb5yPJbawGw==", "AUiFITCnRjRxctzqqbDeeA==", "9iigvnuYDaC8UzcOIDLjIQ==", "iF/o4aDbQf1DAw7R+LiVQw==", "GAn7gWUe2pFr7PbwechqxA==", "76z9Mpn8Jp7lhZSPsHTHug==" ], "wfJGCqOH8d+IYg/dAepx1A==": [ "vtpIIEEoAREfzDi0+K26Fg==", "eUh0vSDVmqXTnsB7jL0b4g==", "znnZtQrOfSxqGV/OZKzI5g==", "uaetuJImncB6wudykQLpEA==", "VWEbeFnFOHy1IkG21b5a5g==", "xxrOMZzPk7ETmnvrIjBo0A==", "mJw+LvAbCoVMIOZXCXNFpg==", "76mWuVYhbmIFsc4DNorK9A==", "lQBARBTddFvexevUD04GZA==", "sykv+pGN4TXggZNIwL/H4g==", "Kqq2xlybjD/tOLmQWu2xPw==", "Ez8lHT2uV9Tf9vJC/T4WXg==", "YX2rGofSXHBcNhTOGpNkAA==", "LxYgcRll4fEnbCHHZWt4BA==", "KMGV9rbVZ/vVUNSX6f+JqA==" ] }, "enrichments": {} } pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 4, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libnghttp2-1.43.0-6.el9 (CVE-2026-27135), libarchive-3.5.3-6.el9_6 (CVE-2026-4111, CVE-2026-4424), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-15467), sqlite-libs-3.34.1-8.el9_6 (CVE-2025-6965), gnupg2-2.3.3-4.el9 (CVE-2025-68973)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 6 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libcap-2.48-9.el9_2 (CVE-2026-4878), krb5-libs-1.21.1-8.el9_6 (CVE-2026-40356)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 2 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libmount-2.37.4-21.el9 (CVE-2025-14104), libuuid-2.37.4-21.el9 (CVE-2025-14104), systemd-libs-252-51.el9_6.2 (CVE-2025-4598), libblkid-2.37.4-21.el9 (CVE-2025-14104), glib2-2.68.4-16.el9_6.2 (CVE-2025-13601), libarchive-3.5.3-6.el9_6 (CVE-2026-5121), libsmartcols-2.37.4-21.el9 (CVE-2025-14104), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2025-9086), libxml2-2.9.13-12.el9_6 (CVE-2025-9714), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-11187, CVE-2025-69419, CVE-2025-9230), gnutls-3.8.3-6.el9_6.2 (CVE-2025-14831), glibc-2.34-168.el9_6.23 (CVE-2026-0915), curl-minimal-7.76.1-31.el9_6.1 (CVE-2025-9086)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 15 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: glibc-minimal-langpack-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), libmount-2.37.4-21.el9 (CVE-2026-27456), libuuid-2.37.4-21.el9 (CVE-2026-27456), coreutils-single-8.32-39.el9 (CVE-2025-5278), systemd-libs-252-51.el9_6.2 (CVE-2026-29111, CVE-2026-4105), libblkid-2.37.4-21.el9 (CVE-2026-27456), glib2-2.68.4-16.el9_6.2 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), libarchive-3.5.3-6.el9_6 (CVE-2023-30571, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), libsmartcols-2.37.4-21.el9 (CVE-2026-27456), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), libxml2-2.9.13-12.el9_6 (CVE-2026-0990, CVE-2026-1757, CVE-2026-6732), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2026-28386, CVE-2026-28390, CVE-2026-31790), openldap-2.6.8-4.el9 (CVE-2026-22185), gnupg2-2.3.3-4.el9 (CVE-2025-68972), glibc-common-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), glibc-2.34-168.el9_6.23 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), xz-libs-5.2.5-8.el9_0 (CVE-2026-34743), krb5-libs-1.21.1-8.el9_6 (CVE-2026-40355), curl-minimal-7.76.1-31.el9_6.1 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 52 } }, { "msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796), gnutls-3.8.3-6.el9_6.2 (CVE-2025-9820), shadow-utils-2:4.9-12.el9 (CVE-2024-56433), glibc-2.34-168.el9_6.23 (CVE-2025-15281, CVE-2026-0861)", "name": "clair_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 13 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libstdc++-11.5.0-5.el9_5 (CVE-2022-27943), zlib-1.2.11-40.el9 (CVE-2026-27171), glibc-minimal-langpack-2.34-168.el9_6.23 (CVE-2026-4438), libgcc-11.5.0-5.el9_5 (CVE-2022-27943), gawk-5.1.0-6.el9 (CVE-2023-4156), libtasn1-4.16.0-9.el9 (CVE-2025-13151), pcre2-syntax-10.40-6.el9 (CVE-2022-41409), pcre2-10.40-6.el9 (CVE-2022-41409), glib2-2.68.4-16.el9_6.2 (CVE-2023-32636, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), libgcrypt-1.10.0-11.el9 (CVE-2026-41990), libarchive-3.5.3-6.el9_6 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), libcurl-minimal-7.76.1-31.el9_6.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224), libxml2-2.9.13-12.el9_6 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), openssl-fips-provider-so-3.0.7-6.el9_5 (CVE-2026-2673), openssl-libs-1:3.2.2-6.el9_5.1 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232, CVE-2026-2673, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), sqlite-libs-3.34.1-8.el9_6 (CVE-2024-0232, CVE-2025-70873), gnupg2-2.3.3-4.el9 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), ncurses-base-6.2-10.20210508.el9_6.2 (CVE-2023-50495), glibc-common-2.34-168.el9_6.23 (CVE-2026-4438), glibc-2.34-168.el9_6.23 (CVE-2026-4438), ncurses-libs-6.2-10.20210508.el9_6.2 (CVE-2023-50495), openssl-fips-provider-3.0.7-6.el9_5 (CVE-2026-2673), curl-minimal-7.76.1-31.el9_6.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 55 } } ] } ] {"vulnerabilities":{"critical":0,"high":6,"medium":15,"low":13,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":2,"medium":52,"low":55,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry:6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f", "digests": ["sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589"]}} {"result":"SUCCESS","timestamp":"2026-04-29T11:36:02+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: gh-multi-component-parent-qdry-on-push-2b46z-init-pod | init container: prepare 2026/04/29 11:20:29 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-2b46z-init-pod | container step-init: time="2026-04-29T11:21:27Z" level=info msg="[param] enable: false" time="2026-04-29T11:21:27Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:21:27Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:21:27Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:21:27Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:21:27Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:21:27Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:21:27Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:21:27Z" level=info msg="[result] NO PROXY: " pod: gh-multi-component-parent-qdry-on-push-45lcb-init-pod | init container: prepare 2026/04/29 11:44:56 Entrypoint initialization pod: gh-multi-component-parent-qdry-on-push-45lcb-init-pod | container step-init: time="2026-04-29T11:45:00Z" level=info msg="[param] enable: false" time="2026-04-29T11:45:00Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:45:00Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:45:00Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:45:00Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:45:00Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:45:00Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:45:00Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:45:00Z" level=info msg="[result] NO PROXY: " { s: "\n pod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | init container: prepare\n2026/04/29 11:06:16 Entrypoint initialization\n\npod: gh-multi-component-parent-qdry-on-pull-request-5cvdz-init-pod | container step-init: \ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"[param] enable: false\"\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"[param] default-http-proxy: squid.caching.svc.cluster.local:3128\"\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai\"\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"[param] http-proxy-result-path: /tekton/results/http-proxy\"\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"[param] no-proxy-result-path: /tekton/results/no-proxy\"\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"Using in-cluster config\" logger=KubeClient\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"Cache proxy is disabled via param\"\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"[result] HTTP PROXY: \"\ntime=\"2026-04-29T11:06:19Z\" level=info msg=\"[result] NO PROXY: \"\n\n pod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | init container: prepare\n2026/04/29 11:33:39 Entrypoint initialization\n\npod: gh-multi-component-parent-qdry-on-push-2b46z-apply-tags-pod | container step-apply-additional-tags: \ntime=\"2026-04-29T11:34:21Z\" level=info msg=\"[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry:6dfc0e7818e3cee33bb9a249454b22fc82dd0f9f\"\ntime=\"2026-04-29T11:34:21Z\" level=info msg=\"[param] digest: sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589\"\ntime=\"2026-04-29T11:34:21Z\" level=info msg=\"[param] tags-from-image-label: konflux.additional-tags\"\ntime=\"2026-04-29T11:34:22Z\" level=warning msg=\"No tags given in 'konflux.additional-tags' image label\"\n{\"tags\":[]}\n pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: prepare\n2026/04/29 11:32:59 Entrypoint initialization\n\n pod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | init container: place-scripts\n2026/04/29 11:33:14 Decoded script /tekton/scripts/script-0-8pcw5\n2026/04/29 11:33:15 Decoded script /tekton/scripts/script-1-k99l2\n2026/04/29 11:33:15 Decoded script /tekton/scripts/script-2-ghmvw\n2026/04/29 11:33:15 Decoded script /tekton/scripts/script-3-jvvln\n\npod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-image-manifests: \nInspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-sctz/gh-multi-component-parent-qdry@sha256:07b50c6276ab547fcfa1b838f5cfaf2daff016ca6df40c6ca4670fdabad20589.\n\npod: gh-multi-component-parent-qdry-on-push-2b46z-clair-scan-pod | container step-get-vulnerabilities: \nRunning clair-action on amd64 image manifest...\n\x1b[90m2026-04-29T11:34:39Z\x1b[0m \x1b[32mINF\x1b[0m \x1b[1mmatchers created\x1b[0m \x1b[36mcomponent=\x1b[0mlibvuln/New \x1b[36mmatchers=\x1b[0m[{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/debian\",\"name\":\"debian-matcher\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc\",\"name\":\"rhel-container-matcher\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/suse\",\"name\":\"suse\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/ubuntu\",\"name\":\"ubuntu-matcher\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/oracle\",\"name\":\"oracle\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/photon\",\"name\":\"photon\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/python\",\"name\":\"python\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/claircore/rhel\",\"name\":\"rhel\"},{\"docs\":\"https://pkg.go.dev/github.com/quay/clai... Gomega truncated this representation as it exceeds 'format.MaxLength'. Consider having the object provide a custom 'GomegaStringer' representation or adjust the parameters in Gomega's 'format' package. Learn more here: https://onsi.github.io/gomega/#adjusting-output In [It] at: /workspace/source/test/e2e/renovate.go:403 @ 04/29/26 11:46:48.363 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:412 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/renovate.go:412 @ 04/29/26 11:46:55.36 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] merging the PR should be successful for child component [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:429 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/renovate.go:429 @ 04/29/26 11:46:55.361 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] Verify the nudge updated the contents [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:440 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/renovate.go:440 @ 04/29/26 11:46:55.361 ------------------------------ • [FAILED] [3359.410 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is updated [It] PipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:492 Timeline >> PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn found for Component build-e2e-ejpt/fj-test-custom-branch-eztadk PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-cdkkn reason: Failed attempt 1/3: PipelineRun "fj-test-custom-branch-eztadk-on-pull-request-cdkkn" failed: pod: fj-test-custom-branch-eztadk-on-pull-request-2fwzh-init-pod | init container: prepare 2026/04/29 11:07:16 Entrypoint initialization pod: fj-test-custom-branch-eztadk-on-pull-request-2fwzh-init-pod | container step-init: time="2026-04-29T11:07:23Z" level=info msg="[param] enable: false" time="2026-04-29T11:07:23Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:07:23Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:07:23Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:07:23Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:07:23Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:07:23Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:07:23Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:07:23Z" level=info msg="[result] NO PROXY: " pod: fj-test-custom-branch-eztadk-on-pull-request-cdkkn-init-pod | init container: prepare 2026/04/29 11:27:15 Entrypoint initialization pod: fj-test-custom-branch-eztadk-on-pull-request-cdkkn-init-pod | container step-init: time="2026-04-29T11:27:24Z" level=info msg="[param] enable: false" time="2026-04-29T11:27:24Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:27:24Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:27:24Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:27:24Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:27:24Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:27:25Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:27:25Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:27:25Z" level=info msg="[result] NO PROXY: " New PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh found after retrigger for component build-e2e-ejpt/fj-test-custom-branch-eztadk PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr found for Component build-e2e-ejpt/fj-test-custom-branch-eztadk PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-c2xcr reason: Failed attempt 2/3: PipelineRun "fj-test-custom-branch-eztadk-on-pull-request-c2xcr" failed: pod: fj-test-custom-branch-eztadk-on-pull-request-2fwzh-init-pod | init container: prepare 2026/04/29 11:07:16 Entrypoint initialization pod: fj-test-custom-branch-eztadk-on-pull-request-2fwzh-init-pod | container step-init: time="2026-04-29T11:07:23Z" level=info msg="[param] enable: false" time="2026-04-29T11:07:23Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:07:23Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:07:23Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:07:23Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:07:23Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:07:23Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:07:23Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:07:23Z" level=info msg="[result] NO PROXY: " pod: fj-test-custom-branch-eztadk-on-pull-request-c2xcr-init-pod | init container: prepare 2026/04/29 11:39:30 Entrypoint initialization pod: fj-test-custom-branch-eztadk-on-pull-request-c2xcr-init-pod | container step-init: time="2026-04-29T11:39:36Z" level=info msg="[param] enable: false" time="2026-04-29T11:39:36Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:39:36Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:39:36Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:39:36Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:39:36Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:39:36Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:39:36Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:39:36Z" level=info msg="[result] NO PROXY: " pod: fj-test-custom-branch-eztadk-on-pull-request-cdkkn-init-pod | init container: prepare 2026/04/29 11:27:15 Entrypoint initialization pod: fj-test-custom-branch-eztadk-on-pull-request-cdkkn-init-pod | container step-init: time="2026-04-29T11:27:24Z" level=info msg="[param] enable: false" time="2026-04-29T11:27:24Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:27:24Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:27:24Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:27:24Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:27:24Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:27:25Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:27:25Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:27:25Z" level=info msg="[result] NO PROXY: " New PipelineRun fj-test-custom-branch-eztadk-on-pull-request-2fwzh found after retrigger for component build-e2e-ejpt/fj-test-custom-branch-eztadk PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj found for Component build-e2e-ejpt/fj-test-custom-branch-eztadk PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: Running PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping PipelineRun fj-test-custom-branch-eztadk-on-pull-request-vf8wj reason: PipelineRunStopping attempt 3/3: PipelineRun "fj-test-custom-branch-eztadk-on-pull-request-vf8wj" failed: context deadline exceeded [FAILED] in [It] - /workspace/source/test/e2e/pac_build.go:494 @ 04/29/26 12:11:32.039 << Timeline [FAILED] Expected success, but got an error: : context deadline exceeded {} In [It] at: /workspace/source/test/e2e/pac_build.go:494 @ 04/29/26 12:11:32.039 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is updated [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:497 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:497 @ 04/29/26 12:11:32.766 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged [It] eventually leads to triggering another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:523 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:523 @ 04/29/26 12:11:32.766 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged [It] pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:539 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:539 @ 04/29/26 12:11:32.767 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged [It] does not have expiration set [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:545 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:545 @ 04/29/26 12:11:32.767 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged [It] After updating image visibility to private, it should not trigger another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:560 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:560 @ 04/29/26 12:11:32.767 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged [It] image repo is updated to private [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:590 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:590 @ 04/29/26 12:11:32.768 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:595 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:631 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the component is removed and recreated (with the same name in the same namespace) [It] should no longer lead to a creation of a PaC PR [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:701 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/pac_build.go:701 @ 04/29/26 12:11:32.768 ------------------------------ • [FAILED] [3053.305 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:401 Timeline >> PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq found for Component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun has not been created yet for the Component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-gk9rq reason: Failed attempt 1/3: PipelineRun "gl-multi-component-parent-jbmm-on-push-gk9rq" failed: pod: gl-multi-component-parent-jbmm-on-pull-request-g86gj-init-pod | init container: prepare 2026/04/29 11:09:51 Entrypoint initialization pod: gl-multi-component-parent-jbmm-on-pull-request-g86gj-init-pod | container step-init: time="2026-04-29T11:10:01Z" level=info msg="[param] enable: false" time="2026-04-29T11:10:01Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:10:01Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:10:01Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:10:01Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:10:01Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:10:01Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:10:01Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:10:01Z" level=info msg="[result] NO PROXY: " pod: gl-multi-component-parent-jbmm-on-push-gk9rq-init-pod | init container: prepare 2026/04/29 11:30:29 Entrypoint initialization pod: gl-multi-component-parent-jbmm-on-push-gk9rq-init-pod | container step-init: time="2026-04-29T11:30:40Z" level=info msg="[param] enable: false" time="2026-04-29T11:30:40Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:30:40Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:30:40Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:30:40Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:30:40Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:30:40Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:30:40Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:30:40Z" level=info msg="[result] NO PROXY: " New PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 found after retrigger for component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 found for Component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-w9cp4 reason: Failed attempt 2/3: PipelineRun "gl-multi-component-parent-jbmm-on-push-w9cp4" failed: pod: gl-multi-component-parent-jbmm-on-pull-request-g86gj-init-pod | init container: prepare 2026/04/29 11:09:51 Entrypoint initialization pod: gl-multi-component-parent-jbmm-on-pull-request-g86gj-init-pod | container step-init: time="2026-04-29T11:10:01Z" level=info msg="[param] enable: false" time="2026-04-29T11:10:01Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:10:01Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:10:01Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:10:01Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:10:01Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:10:01Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:10:01Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:10:01Z" level=info msg="[result] NO PROXY: " pod: gl-multi-component-parent-jbmm-on-push-gk9rq-init-pod | init container: prepare 2026/04/29 11:30:29 Entrypoint initialization pod: gl-multi-component-parent-jbmm-on-push-gk9rq-init-pod | container step-init: time="2026-04-29T11:30:40Z" level=info msg="[param] enable: false" time="2026-04-29T11:30:40Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:30:40Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:30:40Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:30:40Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:30:40Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:30:40Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:30:40Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:30:40Z" level=info msg="[result] NO PROXY: " pod: gl-multi-component-parent-jbmm-on-push-w9cp4-init-pod | init container: prepare 2026/04/29 11:42:02 Entrypoint initialization pod: gl-multi-component-parent-jbmm-on-push-w9cp4-init-pod | container step-init: time="2026-04-29T11:42:04Z" level=info msg="[param] enable: false" time="2026-04-29T11:42:04Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:42:04Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:42:04Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:42:04Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:42:04Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:42:04Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:42:04Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:42:04Z" level=info msg="[result] NO PROXY: " New PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg found after retrigger for component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg found for Component build-e2e-yrhs/gl-multi-component-parent-jbmm PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: ResolvingTaskRef PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: Running PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping PipelineRun gl-multi-component-parent-jbmm-on-push-2ztlg reason: PipelineRunStopping attempt 3/3: PipelineRun "gl-multi-component-parent-jbmm-on-push-2ztlg" failed: context deadline exceeded [FAILED] in [It] - /workspace/source/test/e2e/renovate.go:403 @ 04/29/26 12:14:13.48 << Timeline [FAILED] Expected success, but got an error: : context deadline exceeded {} In [It] at: /workspace/source/test/e2e/renovate.go:403 @ 04/29/26 12:14:13.48 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:412 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/renovate.go:412 @ 04/29/26 12:14:20.348 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] merging the PR should be successful for child component [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:429 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/renovate.go:429 @ 04/29/26 12:14:20.348 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] Verify the nudge updated the contents [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:440 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/renovate.go:440 @ 04/29/26 12:14:20.348 ------------------------------ • [FAILED] [4310.139 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] the PipelineRun should eventually finish successfully for component python-component-ayhvev [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:159 Timeline >> PipelineRun python-component-ayhvev-on-pull-request-dp8xn found for Component build-e2e-xlaq/python-component-ayhvev PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Running PipelineRun python-component-ayhvev-on-pull-request-dp8xn reason: Failed attempt 1/3: PipelineRun "python-component-ayhvev-on-pull-request-dp8xn" failed: pod: python-component-ayhvev-on-0204027c1bb82451011ee8bbb8c896d6-pod | init container: prepare 2026/04/29 11:15:36 Entrypoint initialization pod: python-component-ayhvev-on-0204027c1bb82451011ee8bbb8c896d6-pod | init container: place-scripts 2026/04/29 11:16:55 Decoded script /tekton/scripts/script-0-44nhq 2026/04/29 11:16:55 Decoded script /tekton/scripts/script-1-csfzl pod: python-component-ayhvev-on-0204027c1bb82451011ee8bbb8c896d6-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1777461591.266629,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777461591.7287467,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ 4d4f2cbfd35ad27a352ef6ad616ed72e3991bb8d (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1777461591.7287927,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1777461591.7476695,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision 4d4f2cbfd35ad27a352ef6ad616ed72e3991bb8d directly. pod: python-component-ayhvev-on-0204027c1bb82451011ee8bbb8c896d6-pod | container step-symlink-check: Running symlink check pod: python-component-ayhvev-on-0204027c1bb82451011ee8bbb8c896d6-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:901dc06d1b8faf592bebd941f6c3c19ac2afeccfe73094946ebc2db5371616d6) Using token for quay.io/redhat-appstudio-qe/build-e2e-xlaq/python-component-ayhvev Executing: oras push --annotation=quay.expires-after=5d --registry-config /tmp/create-oci.sh.cwIAgV/auth-ik7QvO.json quay.io/redhat-appstudio-qe/build-e2e-xlaq/python-component-ayhvev:on-pr-4d4f2cbfd35ad27a352ef6ad616ed72e3991bb8d.git SOURCE_ARTIFACT Uploading 901dc06d1b8f SOURCE_ARTIFACT Uploaded 901dc06d1b8f SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-xlaq/python-component-ayhvev:on-pr-4d4f2cbfd35ad27a352ef6ad616ed72e3991bb8d.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:f8a7b3cb02b499913aab4b88734b79ca3995999adc2305ecbe01fd701220587f Artifacts created pod: python-component-ayhvev-on-pull-request-dp8xn-init-pod | init container: prepare 2026/04/29 11:13:06 Entrypoint initialization pod: python-component-ayhvev-on-pull-request-dp8xn-init-pod | container step-init: time="2026-04-29T11:13:11Z" level=info msg="[param] enable: false" time="2026-04-29T11:13:11Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:13:11Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:13:11Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:13:11Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:13:11Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:13:11Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:13:11Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:13:11Z" level=info msg="[result] NO PROXY: " New PipelineRun python-component-ayhvev-on-pull-request-gg6tg found after retrigger for component build-e2e-xlaq/python-component-ayhvev PipelineRun python-component-ayhvev-on-pull-request-gg6tg found for Component build-e2e-xlaq/python-component-ayhvev PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: Running PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-gg6tg reason: PipelineRunStopping attempt 2/3: PipelineRun "python-component-ayhvev-on-pull-request-gg6tg" failed: context deadline exceededNew PipelineRun python-component-ayhvev-on-pull-request-bq4tx found after retrigger for component build-e2e-xlaq/python-component-ayhvev PipelineRun python-component-ayhvev-on-pull-request-bq4tx found for Component build-e2e-xlaq/python-component-ayhvev PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: ResolvingTaskRef PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: Running PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping PipelineRun python-component-ayhvev-on-pull-request-bq4tx reason: PipelineRunStopping attempt 3/3: PipelineRun "python-component-ayhvev-on-pull-request-bq4tx" failed: context deadline exceeded [FAILED] in [It] - /workspace/source/test/e2e/multi_component.go:161 @ 04/29/26 12:23:40.763 << Timeline [FAILED] Expected success, but got an error: : context deadline exceeded {} In [It] at: /workspace/source/test/e2e/multi_component.go:161 @ 04/29/26 12:23:40.763 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] merging the PR should be successful [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:164 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/multi_component.go:164 @ 04/29/26 12:23:42.937 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] leads to triggering on push PipelineRun [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:174 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/multi_component.go:174 @ 04/29/26 12:23:42.937 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] only one component is changed [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:190 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/multi_component.go:190 @ 04/29/26 12:23:42.938 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] only related pipelinerun should be triggered [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:205 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/multi_component.go:205 @ 04/29/26 12:23:42.938 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when a components is created with same git url in different namespace [It] should fail to configure PaC for the component [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:264 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/test/e2e/multi_component.go:264 @ 04/29/26 12:23:42.938 ------------------------------ • [TIMEDOUT] [3853.539 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated [It] PipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:492 Timeline >> PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw found for Component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-8h6rw reason: PipelineRunStopping attempt 1/3: PipelineRun "gh-test-custom-branch-xnefyl-on-pull-request-8h6rw" failed: context deadline exceededNew PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm found after retrigger for component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm found for Component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: PipelineRunStopping PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-m29hm reason: Failed attempt 2/3: PipelineRun "gh-test-custom-branch-xnefyl-on-pull-request-m29hm" failed: pod: gh-test-custom-branch-xnefyl-on-pull-request-m29hm-init-pod | init container: prepare 2026/04/29 11:53:18 Entrypoint initialization pod: gh-test-custom-branch-xnefyl-on-pull-request-m29hm-init-pod | container step-init: time="2026-04-29T11:53:20Z" level=info msg="[param] enable: false" time="2026-04-29T11:53:20Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:53:20Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:53:20Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:53:20Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:53:20Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:53:20Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:53:20Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:53:20Z" level=info msg="[result] NO PROXY: " pod: gh-test-custom-branch-xnefyl-on-pull-request-sbs8d-init-pod | init container: prepare 2026/04/29 11:08:11 Entrypoint initialization pod: gh-test-custom-branch-xnefyl-on-pull-request-sbs8d-init-pod | container step-init: time="2026-04-29T11:08:20Z" level=info msg="[param] enable: false" time="2026-04-29T11:08:20Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-29T11:08:20Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-29T11:08:20Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-29T11:08:20Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-29T11:08:20Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-29T11:08:20Z" level=info msg="Cache proxy is disabled via param" time="2026-04-29T11:08:20Z" level=info msg="[result] HTTP PROXY: " time="2026-04-29T11:08:20Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 found after retrigger for component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 found for Component build-e2e-kxss/gh-test-custom-branch-xnefyl PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running PipelineRun gh-test-custom-branch-xnefyl-on-pull-request-ccww2 reason: Running [TIMEDOUT] in [It] - /workspace/source/test/e2e/pac_build.go:492 @ 04/29/26 12:27:15.165 << Timeline [TIMEDOUT] A suite timeout occurred In [It] at: /workspace/source/test/e2e/pac_build.go:492 @ 04/29/26 12:27:15.165 This is the Progress Report generated when the suite timeout occurred: [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated PipelineRun should eventually finish (Spec Runtime: 1h4m12.863s) /workspace/source/test/e2e/pac_build.go:492 In [It] (Node Runtime: 1h4m12.863s) /workspace/source/test/e2e/pac_build.go:492 Spec Goroutine goroutine 545 [select] k8s.io/apimachinery/pkg/util/wait.loopConditionUntilContext({0x54fbcd8, 0xc0007e5ab0}, {0x54e8c50, 0xc000932580}, 0x1, 0x0, 0xc000f49d18) /opt/app-root/src/go/pkg/mod/k8s.io/apimachinery@v0.34.2/pkg/util/wait/loop.go:66 k8s.io/apimachinery/pkg/util/wait.PollUntilContextTimeout({0x54fbb88?, 0x76d9900?}, 0x4a817c800, 0x45d964b800?, 0x1, 0xc000071d18) /opt/app-root/src/go/pkg/mod/k8s.io/apimachinery@v0.34.2/pkg/util/wait/poll.go:48 github.com/konflux-ci/e2e-tests/pkg/clients/has.(*HasController).WaitForComponentPipelineToBeFinished(0xc001246140, 0xc001324f08, {0x0, 0x0}, {0xc0014cfe00, 0x28}, {0x0, 0x0}, 0xc0009d25c0, 0xc000f49e70, ...) /opt/app-root/src/go/pkg/mod/github.com/konflux-ci/e2e-tests@v0.0.0-20260428105747-f0b222ad8cb6/pkg/clients/has/components.go:218 > github.com/konflux-ci/build-service/test/e2e.init.func3.1.1.5.4() /workspace/source/test/e2e/pac_build.go:493 | }) | It("PipelineRun should eventually finish", func() { > Expect(f.AsKubeAdmin.HasController.WaitForComponentPipelineToBeFinished(component, "", createdFileSHA, "", | f.AsKubeAdmin.TektonController, &has.RetryOptions{Retries: 2, Always: true}, plr)).To(Succeed()) | createdFileSHA = plr.Labels["pipelinesascode.tekton.dev/sha"] github.com/onsi/ginkgo/v2/internal.extractBodyFunction.func3({0x4df713e?, 0xc000ca2338?}) /opt/app-root/src/go/pkg/mod/github.com/onsi/ginkgo/v2@v2.28.0/internal/node.go:585 github.com/onsi/ginkgo/v2/internal.(*Suite).runNode.func3() /opt/app-root/src/go/pkg/mod/github.com/onsi/ginkgo/v2@v2.28.0/internal/suite.go:946 github.com/onsi/ginkgo/v2/internal.(*Suite).runNode in goroutine 110 /opt/app-root/src/go/pkg/mod/github.com/onsi/ginkgo/v2@v2.28.0/internal/suite.go:911 ------------------------------ SSSSSS ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:595 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:631 ------------------------------ S ------------------------------ [ReportAfterSuite] PASSED [4876.542 seconds] [ReportAfterSuite] Autogenerated ReportAfterSuite for --junit-report autogenerated by Ginkgo ------------------------------ Summarizing 6 Failures: [FAIL] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is updated [It] PipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/test/e2e/pac_build.go:494 [FAIL] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, github] /workspace/source/test/e2e/renovate.go:403 [FAIL] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is updated [It] PipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/test/e2e/pac_build.go:494 [FAIL] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, gitlab] /workspace/source/test/e2e/renovate.go:403 [FAIL] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] the PipelineRun should eventually finish successfully for component python-component-ayhvev [build-service, github, pac-build, multi-component] /workspace/source/test/e2e/multi_component.go:161 [TIMEDOUT] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated [It] PipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/test/e2e/pac_build.go:492 Ran 115 of 154 Specs in 5142.377 seconds FAIL! - Suite Timeout Elapsed -- 109 Passed | 6 Failed | 7 Pending | 32 Skipped Ginkgo ran 1 suite in 1h30m1.189904203s Test Suite Failed