Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-kapy/python-component-vrlzjc@sha256:30d17c3f7c4cd956f6c48f1de22db12e815b20f2582e32bfb7c9cf410c6ba67f. Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kapy/python-component-vrlzjc Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kapy/python-component-vrlzjc WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation '. Found SBOM of media type: text/spdx+json Running TPA scan on amd64 image manifest... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed { "scanned" : { "total" : 140, "direct" : 23, "transitive" : 117 }, "providers" : { "rhtpa" : { "status" : { "ok" : true, "name" : "rhtpa", "code" : 200, "message" : "OK", "warnings" : { } }, "sources" : { "osv-github" : { "summary" : { "direct" : 5, "transitive" : 0, "total" : 5, "dependencies" : 2, "critical" : 0, "high" : 0, "medium" : 0, "low" : 0, "unknown" : 5, "remediations" : 0, "recommendations" : 6, "unscanned" : 0 }, "dependencies" : [ { "ref" : "pkg:pypi/flask@2.3.3", "issues" : [ { "id" : "CVE-2026-27205", "source" : "osv-github", "cves" : [ "CVE-2026-27205" ], "unique" : false } ], "transitive" : [ ], "highestVulnerability" : { "id" : "CVE-2026-27205", "source" : "osv-github", "cves" : [ "CVE-2026-27205" ], "unique" : false } }, { "ref" : "pkg:pypi/pip@24.2", "issues" : [ { "id" : "CVE-2025-8869", "source" : "osv-github", "cves" : [ "CVE-2025-8869" ], "unique" : false }, { "id" : "CVE-2026-1703", "source" : "osv-github", "cves" : [ "CVE-2026-1703" ], "unique" : false }, { "id" : "CVE-2026-3219", "title" : "pip doesn't reject concatenated ZIP and tar archives", "source" : "osv-github", "cves" : [ "CVE-2026-3219" ], "unique" : false }, { "id" : "CVE-2026-6357", "title" : "pip self-update functionality can import newly installed modules after wheel installation", "source" : "osv-github", "cves" : [ "CVE-2026-6357" ], "unique" : false } ], "transitive" : [ ], "highestVulnerability" : { "id" : "CVE-2025-8869", "source" : "osv-github", "cves" : [ "CVE-2025-8869" ], "unique" : false } }, { "ref" : "pkg:pypi/blinker@1.9.0", "recommendation" : "pkg:pypi/blinker@1.9.0?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/markupsafe@3.0.3", "recommendation" : "pkg:pypi/markupsafe@3.0.3?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/werkzeug@3.1.8", "recommendation" : "pkg:pypi/werkzeug@3.1.8?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/click@8.4.2", "recommendation" : "pkg:pypi/click@8.4.2?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/jinja2@3.1.6", "recommendation" : "pkg:pypi/jinja2@3.1.6?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/itsdangerous@2.2.0", "recommendation" : "pkg:pypi/itsdangerous@2.2.0?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" } ] }, "redhat-csaf" : { "summary" : { "direct" : 33, "transitive" : 177, "total" : 210, "dependencies" : 37, "critical" : 5, "high" : 56, "medium" : 132, "low" : 16, "unknown" : 1, "remediations" : 0, "recommendations" : 0, "unscanned" : 0 }, "dependencies" : [ { "ref" : "pkg:rpm/redhat/librepo@1.14.5-3.el9?arch=x86_64&distro=rhel-9.7&upstream=librepo-1.14.5-3.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.5.1-7.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-7.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2026-45445", "title" : "AES-OCB IV Ignored on EVP_Cipher() Path", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2026-45445" ], "unique" : false }, { "id" : "CVE-2026-45447", "title" : "Heap Use-After-Free in the PKCS7_verify() Function", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-45447" ], "unique" : false }, { "id" : "CVE-2026-28390", "title" : "Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-28390" ], "unique" : false }, { "id" : "CVE-2026-34183", "title" : "Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-34183" ], "unique" : false }, { "id" : "CVE-2025-69419", "title" : "Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2026-34182", "title" : "CMS AuthEnvelopedData Processing May Accept Forged Messages", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2026-34182" ], "unique" : false }, { "id" : "CVE-2025-69421", "title" : "NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2026-34181", "title" : "PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34181" ], "unique" : false }, { "id" : "CVE-2026-42768", "title" : "Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42768" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "title" : "Missing ASN1_TYPE validation in TS_RESP_verify_response() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "title" : "ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false }, { "id" : "CVE-2026-42764", "title" : "NULL Pointer Dereference in QUIC Server Initial Packet Handling", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42764" ], "unique" : false }, { "id" : "CVE-2026-42769", "title" : "Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42769" ], "unique" : false }, { "id" : "CVE-2026-42770", "title" : "FFC-DH Peer Validation Uses Attacker-Supplied q", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42770" ], "unique" : false }, { "id" : "CVE-2026-9076", "title" : "Out-of-Bounds Read in CMS Password-Based Decryption", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-9076" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "title" : "Missing ASN1_TYPE validation in PKCS#12 parsing", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2026-7383", "title" : "Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-7383" ], "unique" : false }, { "id" : "CVE-2026-42766", "title" : "Possible NULL Dereference in Password-Based CMS Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42766" ], "unique" : false }, { "id" : "CVE-2026-42767", "title" : "NULL Pointer Dereference in CRMF EncryptedValue Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42767" ], "unique" : false }, { "id" : "CVE-2026-34180", "title" : "Heap Buffer Over-read in ASN.1 Content Parsing", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34180" ], "unique" : false }, { "id" : "CVE-2025-68160", "title" : "Heap out-of-bounds write in BIO_f_linebuffer on short writes", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "title" : "Unauthenticated/unencrypted trailing bytes with low-level OCB function calls", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2026-45446", "title" : "Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-45446" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false }, { "id" : "CVE-2025-49794", "title" : "Libxml: heap use after free (uaf) leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49794" ], "unique" : false }, { "id" : "CVE-2025-49796", "title" : "Libxml: type confusion leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49796" ], "unique" : false }, { "id" : "CVE-2024-56171", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2024-56171" ], "unique" : false }, { "id" : "CVE-2025-24928", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-24928" ], "unique" : false }, { "id" : "CVE-2025-7425", "title" : "Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-7425" ], "unique" : false }, { "id" : "CVE-2025-32415", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-32415" ], "unique" : false }, { "id" : "CVE-2025-49795", "title" : "Libxml: null pointer dereference leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-49795" ], "unique" : false }, { "id" : "CVE-2025-6021", "title" : "Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6021" ], "unique" : false }, { "id" : "CVE-2025-7424", "title" : "Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-7424" ], "unique" : false }, { "id" : "CVE-2026-6732", "title" : "Libxml2: libxml2: denial of service via crafted xsd-validated document", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6732" ], "unique" : false }, { "id" : "CVE-2025-9714", "title" : "Stack overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9714" ], "unique" : false }, { "id" : "CVE-2026-1757", "title" : "Libxml2: memory leak leading to local denial of service in xmllint interactive shell", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2026-1757" ], "unique" : false }, { "id" : "CVE-2026-0990", "title" : "Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0990" ], "unique" : false }, { "id" : "CVE-2025-32414", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32414" ], "unique" : false }, { "id" : "CVE-2024-34459", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-34459" ], "unique" : false }, { "id" : "CVE-2025-26434", "title" : "In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-26434" ], "unique" : false }, { "id" : "CVE-2026-11979", "title" : "Stack-Based Buffer Overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-11979" ], "unique" : false }, { "id" : "CVE-2026-0989", "title" : "Libxml2: unbounded relaxng include recursion leading to stack overflow", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-0989" ], "unique" : false }, { "id" : "CVE-2026-0992", "title" : "Libxml2: libxml2: denial of service via crafted xml catalogs", "source" : "redhat-csaf", "cvssScore" : 2.9, "severity" : "LOW", "cves" : [ "CVE-2026-0992" ], "unique" : false }, { "id" : "CVE-2025-6170", "title" : "Libxml2: stack buffer overflow in xmllint interactive shell command handling", "source" : "redhat-csaf", "cvssScore" : 2.5, "severity" : "LOW", "cves" : [ "CVE-2025-6170" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-5.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2026-24882", "title" : "In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false }, { "id" : "CVE-2025-68973", "title" : "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-68973" ], "unique" : false }, { "id" : "CVE-2025-68972", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68972" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-24882", "title" : "In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnutls@3.8.3-10.el9_7?arch=x86_64&distro=rhel-9.7&upstream=gnutls-3.8.3-10.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2026-42013", "title" : "Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2026-42013" ], "unique" : false }, { "id" : "CVE-2026-5260", "title" : "Gnutls: gnutls: information disclosure via heap overread in rsa key exchange", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2026-5260" ], "unique" : false }, { "id" : "CVE-2026-1584", "title" : "Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-1584" ], "unique" : false }, { "id" : "CVE-2026-33845", "title" : "Gnutls: gnutls: denial of service via dtls zero-length fragment", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-33845" ], "unique" : false }, { "id" : "CVE-2026-33846", "title" : "Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-33846" ], "unique" : false }, { "id" : "CVE-2026-42009", "title" : "Gnutls: gnutls: denial of service via dtls packet reordering vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-42009" ], "unique" : false }, { "id" : "CVE-2026-42011", "title" : "Gnutls: gnutls: security bypass due to incorrect name constraint handling", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2026-42011" ], "unique" : false }, { "id" : "CVE-2026-42010", "title" : "Gnutls: gnutls: authentication bypass via nul character in username", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-42010" ], "unique" : false }, { "id" : "CVE-2026-42012", "title" : "Gnutls: gnutls: certificate validation bypass due to improper handling of uri and srv sans", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-42012" ], "unique" : false }, { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false }, { "id" : "CVE-2025-32990", "title" : "Gnutls: vulnerability in gnutls certtool template parsing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32990" ], "unique" : false }, { "id" : "CVE-2025-6395", "title" : "Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6395" ], "unique" : false }, { "id" : "CVE-2026-3833", "title" : "Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3833" ], "unique" : false }, { "id" : "CVE-2025-14831", "title" : "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14831" ], "unique" : false }, { "id" : "CVE-2025-32989", "title" : "Gnutls: vulnerability in gnutls sct extension parsing", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32989" ], "unique" : false }, { "id" : "CVE-2026-42015", "title" : "Gnutls: gnutls: memory corruption due to off-by-one error in pkcs#12 bag handling", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42015" ], "unique" : false }, { "id" : "CVE-2025-9820", "title" : "Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9820" ], "unique" : false }, { "id" : "CVE-2026-3832", "title" : "Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-3832" ], "unique" : false }, { "id" : "CVE-2026-5419", "title" : "Gnutls: gnutls: information disclosure via timing side-channel in pkcs#7 padding removal", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-5419" ], "unique" : false }, { "id" : "CVE-2026-42014", "title" : "Gnutls: gnutls: use-after-free in gnutls_pkcs11_token_set_pin", "source" : "redhat-csaf", "cves" : [ "CVE-2026-42014" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-42013", "title" : "Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2026-42013" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glib2@2.68.4-18.el9_7.1?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.1.src.rpm", "issues" : [ { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false }, { "id" : "CVE-2024-52533", "title" : "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2024-52533" ], "unique" : false }, { "id" : "CVE-2025-14512", "title" : "Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14512" ], "unique" : false }, { "id" : "CVE-2025-14087", "title" : "Glib: glib: buffer underflow in gvariant parser leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14087" ], "unique" : false }, { "id" : "CVE-2025-4373", "title" : "Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4373" ], "unique" : false }, { "id" : "CVE-2025-7039", "title" : "Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2025-7039" ], "unique" : false }, { "id" : "CVE-2026-0988", "title" : "Glib: glib: denial of service via integer overflow in g_buffered_input_stream_peek()", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-0988" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.34.1-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=sqlite-3.34.1-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64&distro=rhel-9.7&upstream=libgcrypt-1.10.0-11.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false }, { "id" : "CVE-2026-41990", "title" : "Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2026-41990" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.7&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libnghttp2@1.43.0-6.el9_7.1?arch=x86_64&distro=rhel-9.7&upstream=nghttp2-1.43.0-6.el9_7.1.src.rpm", "issues" : [ { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libblkid@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2026-13595", "title" : "Util-linux: util-linux: heap use-after-free in libblkid nested partition probing", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-13595" ], "unique" : false }, { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false }, { "id" : "CVE-2026-27456", "title" : "util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-27456" ], "unique" : false }, { "id" : "CVE-2026-3184", "title" : "Util-linux: util-linux: access control bypass due to improper hostname canonicalization", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-3184" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-13595", "title" : "Util-linux: util-linux: heap use-after-free in libblkid nested partition probing", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-13595" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-10.el9?arch=x86_64&distro=rhel-9.7&upstream=libcap-2.48-10.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sed@4.8-9.el9?arch=x86_64&distro=rhel-9.7&upstream=sed-4.8-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libmount@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.7&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.21.1-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=krb5-1.21.1-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false }, { "id" : "CVE-2026-40355", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40355" ], "unique" : false }, { "id" : "CVE-2026-40356", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40356" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcurl-minimal@7.76.1-35.el9_7.3?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-35.el9_7.3.src.rpm", "issues" : [ { "id" : "CVE-2025-9086", "title" : "Out of bounds read for cookie path", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-9086", "title" : "Out of bounds read for cookie path", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit-trust@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64&distro=rhel-9.7&upstream=coreutils-8.32-39.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/shadow-utils@4.9-15.el9?arch=x86_64&distro=rhel-9.7&epoch=2&upstream=shadow-utils-4.9-15.el9.src.rpm", "issues" : [ { "id" : "CVE-2024-56433", "title" : "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "source" : "redhat-csaf", "cvssScore" : 3.6, "severity" : "LOW", "cves" : [ "CVE-2024-56433" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-56433", "title" : "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "source" : "redhat-csaf", "cvssScore" : 3.6, "severity" : "LOW", "cves" : [ "CVE-2024-56433" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtirpc@1.3.3-9.el9?arch=x86_64&distro=rhel-9.7&upstream=libtirpc-1.3.3-9.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.5.1-7.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-7.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2026-45445", "title" : "AES-OCB IV Ignored on EVP_Cipher() Path", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2026-45445" ], "unique" : false }, { "id" : "CVE-2026-45447", "title" : "Heap Use-After-Free in the PKCS7_verify() Function", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-45447" ], "unique" : false }, { "id" : "CVE-2026-28390", "title" : "Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-28390" ], "unique" : false }, { "id" : "CVE-2026-34183", "title" : "Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-34183" ], "unique" : false }, { "id" : "CVE-2025-69419", "title" : "Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2026-34182", "title" : "CMS AuthEnvelopedData Processing May Accept Forged Messages", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2026-34182" ], "unique" : false }, { "id" : "CVE-2025-69421", "title" : "NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2026-34181", "title" : "PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34181" ], "unique" : false }, { "id" : "CVE-2026-42768", "title" : "Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42768" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "title" : "Missing ASN1_TYPE validation in TS_RESP_verify_response() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "title" : "ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false }, { "id" : "CVE-2026-42764", "title" : "NULL Pointer Dereference in QUIC Server Initial Packet Handling", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42764" ], "unique" : false }, { "id" : "CVE-2026-42769", "title" : "Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42769" ], "unique" : false }, { "id" : "CVE-2026-42770", "title" : "FFC-DH Peer Validation Uses Attacker-Supplied q", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42770" ], "unique" : false }, { "id" : "CVE-2026-9076", "title" : "Out-of-Bounds Read in CMS Password-Based Decryption", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-9076" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "title" : "Missing ASN1_TYPE validation in PKCS#12 parsing", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2026-7383", "title" : "Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-7383" ], "unique" : false }, { "id" : "CVE-2026-42766", "title" : "Possible NULL Dereference in Password-Based CMS Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42766" ], "unique" : false }, { "id" : "CVE-2026-42767", "title" : "NULL Pointer Dereference in CRMF EncryptedValue Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42767" ], "unique" : false }, { "id" : "CVE-2026-34180", "title" : "Heap Buffer Over-read in ASN.1 Content Parsing", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34180" ], "unique" : false }, { "id" : "CVE-2025-68160", "title" : "Heap out-of-bounds write in BIO_f_linebuffer on short writes", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "title" : "Unauthenticated/unencrypted trailing bytes with low-level OCB function calls", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2026-45446", "title" : "Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-45446" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-10.el9?arch=x86_64&distro=rhel-9.7&upstream=libcap-2.48-10.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sed@4.8-9.el9?arch=x86_64&distro=rhel-9.7&upstream=sed-4.8-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.7&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.21.1-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=krb5-1.21.1-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false }, { "id" : "CVE-2026-40355", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40355" ], "unique" : false }, { "id" : "CVE-2026-40356", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40356" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit-trust@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64&distro=rhel-9.7&upstream=coreutils-8.32-39.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/microdnf@3.9.1-3.el9?arch=x86_64&distro=rhel-9.7&upstream=microdnf-3.9.1-3.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.5.1-7.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-7.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2026-45445", "title" : "AES-OCB IV Ignored on EVP_Cipher() Path", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2026-45445" ], "unique" : false }, { "id" : "CVE-2026-45447", "title" : "Heap Use-After-Free in the PKCS7_verify() Function", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-45447" ], "unique" : false }, { "id" : "CVE-2026-28390", "title" : "Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-28390" ], "unique" : false }, { "id" : "CVE-2026-34183", "title" : "Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-34183" ], "unique" : false }, { "id" : "CVE-2025-69419", "title" : "Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2026-34182", "title" : "CMS AuthEnvelopedData Processing May Accept Forged Messages", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2026-34182" ], "unique" : false }, { "id" : "CVE-2025-69421", "title" : "NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2026-34181", "title" : "PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34181" ], "unique" : false }, { "id" : "CVE-2026-42768", "title" : "Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42768" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "title" : "Missing ASN1_TYPE validation in TS_RESP_verify_response() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "title" : "ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false }, { "id" : "CVE-2026-42764", "title" : "NULL Pointer Dereference in QUIC Server Initial Packet Handling", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42764" ], "unique" : false }, { "id" : "CVE-2026-42769", "title" : "Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42769" ], "unique" : false }, { "id" : "CVE-2026-42770", "title" : "FFC-DH Peer Validation Uses Attacker-Supplied q", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42770" ], "unique" : false }, { "id" : "CVE-2026-9076", "title" : "Out-of-Bounds Read in CMS Password-Based Decryption", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-9076" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "title" : "Missing ASN1_TYPE validation in PKCS#12 parsing", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2026-7383", "title" : "Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-7383" ], "unique" : false }, { "id" : "CVE-2026-42766", "title" : "Possible NULL Dereference in Password-Based CMS Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42766" ], "unique" : false }, { "id" : "CVE-2026-42767", "title" : "NULL Pointer Dereference in CRMF EncryptedValue Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42767" ], "unique" : false }, { "id" : "CVE-2026-34180", "title" : "Heap Buffer Over-read in ASN.1 Content Parsing", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34180" ], "unique" : false }, { "id" : "CVE-2025-68160", "title" : "Heap out-of-bounds write in BIO_f_linebuffer on short writes", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "title" : "Unauthenticated/unencrypted trailing bytes with low-level OCB function calls", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2026-45446", "title" : "Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-45446" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false }, { "id" : "CVE-2025-49794", "title" : "Libxml: heap use after free (uaf) leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49794" ], "unique" : false }, { "id" : "CVE-2025-49796", "title" : "Libxml: type confusion leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49796" ], "unique" : false }, { "id" : "CVE-2024-56171", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2024-56171" ], "unique" : false }, { "id" : "CVE-2025-24928", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-24928" ], "unique" : false }, { "id" : "CVE-2025-7425", "title" : "Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-7425" ], "unique" : false }, { "id" : "CVE-2025-32415", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-32415" ], "unique" : false }, { "id" : "CVE-2025-49795", "title" : "Libxml: null pointer dereference leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-49795" ], "unique" : false }, { "id" : "CVE-2025-6021", "title" : "Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6021" ], "unique" : false }, { "id" : "CVE-2025-7424", "title" : "Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-7424" ], "unique" : false }, { "id" : "CVE-2026-6732", "title" : "Libxml2: libxml2: denial of service via crafted xsd-validated document", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6732" ], "unique" : false }, { "id" : "CVE-2025-9714", "title" : "Stack overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9714" ], "unique" : false }, { "id" : "CVE-2026-1757", "title" : "Libxml2: memory leak leading to local denial of service in xmllint interactive shell", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2026-1757" ], "unique" : false }, { "id" : "CVE-2026-0990", "title" : "Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0990" ], "unique" : false }, { "id" : "CVE-2025-32414", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32414" ], "unique" : false }, { "id" : "CVE-2024-34459", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-34459" ], "unique" : false }, { "id" : "CVE-2025-26434", "title" : "In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-26434" ], "unique" : false }, { "id" : "CVE-2026-11979", "title" : "Stack-Based Buffer Overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-11979" ], "unique" : false }, { "id" : "CVE-2026-0989", "title" : "Libxml2: unbounded relaxng include recursion leading to stack overflow", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-0989" ], "unique" : false }, { "id" : "CVE-2026-0992", "title" : "Libxml2: libxml2: denial of service via crafted xml catalogs", "source" : "redhat-csaf", "cvssScore" : 2.9, "severity" : "LOW", "cves" : [ "CVE-2026-0992" ], "unique" : false }, { "id" : "CVE-2025-6170", "title" : "Libxml2: stack buffer overflow in xmllint interactive shell command handling", "source" : "redhat-csaf", "cvssScore" : 2.5, "severity" : "LOW", "cves" : [ "CVE-2025-6170" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-5.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2026-24882", "title" : "In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false }, { "id" : "CVE-2025-68973", "title" : "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-68973" ], "unique" : false }, { "id" : "CVE-2025-68972", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68972" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-24882", "title" : "In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnutls@3.8.3-10.el9_7?arch=x86_64&distro=rhel-9.7&upstream=gnutls-3.8.3-10.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2026-42013", "title" : "Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2026-42013" ], "unique" : false }, { "id" : "CVE-2026-5260", "title" : "Gnutls: gnutls: information disclosure via heap overread in rsa key exchange", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2026-5260" ], "unique" : false }, { "id" : "CVE-2026-1584", "title" : "Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-1584" ], "unique" : false }, { "id" : "CVE-2026-33845", "title" : "Gnutls: gnutls: denial of service via dtls zero-length fragment", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-33845" ], "unique" : false }, { "id" : "CVE-2026-33846", "title" : "Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-33846" ], "unique" : false }, { "id" : "CVE-2026-42009", "title" : "Gnutls: gnutls: denial of service via dtls packet reordering vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-42009" ], "unique" : false }, { "id" : "CVE-2026-42011", "title" : "Gnutls: gnutls: security bypass due to incorrect name constraint handling", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2026-42011" ], "unique" : false }, { "id" : "CVE-2026-42010", "title" : "Gnutls: gnutls: authentication bypass via nul character in username", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-42010" ], "unique" : false }, { "id" : "CVE-2026-42012", "title" : "Gnutls: gnutls: certificate validation bypass due to improper handling of uri and srv sans", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-42012" ], "unique" : false }, { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false }, { "id" : "CVE-2025-32990", "title" : "Gnutls: vulnerability in gnutls certtool template parsing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32990" ], "unique" : false }, { "id" : "CVE-2025-6395", "title" : "Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6395" ], "unique" : false }, { "id" : "CVE-2026-3833", "title" : "Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3833" ], "unique" : false }, { "id" : "CVE-2025-14831", "title" : "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14831" ], "unique" : false }, { "id" : "CVE-2025-32989", "title" : "Gnutls: vulnerability in gnutls sct extension parsing", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32989" ], "unique" : false }, { "id" : "CVE-2026-42015", "title" : "Gnutls: gnutls: memory corruption due to off-by-one error in pkcs#12 bag handling", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42015" ], "unique" : false }, { "id" : "CVE-2025-9820", "title" : "Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9820" ], "unique" : false }, { "id" : "CVE-2026-3832", "title" : "Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-3832" ], "unique" : false }, { "id" : "CVE-2026-5419", "title" : "Gnutls: gnutls: information disclosure via timing side-channel in pkcs#7 padding removal", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-5419" ], "unique" : false }, { "id" : "CVE-2026-42014", "title" : "Gnutls: gnutls: use-after-free in gnutls_pkcs11_token_set_pin", "source" : "redhat-csaf", "cves" : [ "CVE-2026-42014" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-42013", "title" : "Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2026-42013" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libarchive@3.5.3-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false }, { "id" : "CVE-2026-14164", "title" : "Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-14164" ], "unique" : false }, { "id" : "CVE-2026-4111", "title" : "Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4111" ], "unique" : false }, { "id" : "CVE-2026-4424", "title" : "Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4424" ], "unique" : false }, { "id" : "CVE-2026-5121", "title" : "Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-5121" ], "unique" : false }, { "id" : "CVE-2026-4426", "title" : "Libarchive: libarchive: denial of service via malformed iso file processing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4426" ], "unique" : false }, { "id" : "CVE-2025-60753", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-60753" ], "unique" : false }, { "id" : "CVE-2026-5745", "title" : "Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5745" ], "unique" : false }, { "id" : "CVE-2024-57970", "title" : "libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-57970" ], "unique" : false }, { "id" : "CVE-2025-25724", "title" : "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-25724" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libsolv@0.7.24-3.el9?arch=x86_64&distro=rhel-9.7&upstream=libsolv-0.7.24-3.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-48864", "title" : "Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2026-48864" ], "unique" : false }, { "id" : "CVE-2026-9149", "title" : "Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-9149" ], "unique" : false }, { "id" : "CVE-2026-9150", "title" : "Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-9150" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-48864", "title" : "Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2026-48864" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glib2@2.68.4-18.el9_7.1?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.1.src.rpm", "issues" : [ { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false }, { "id" : "CVE-2024-52533", "title" : "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2024-52533" ], "unique" : false }, { "id" : "CVE-2025-14512", "title" : "Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14512" ], "unique" : false }, { "id" : "CVE-2025-14087", "title" : "Glib: glib: buffer underflow in gvariant parser leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14087" ], "unique" : false }, { "id" : "CVE-2025-4373", "title" : "Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4373" ], "unique" : false }, { "id" : "CVE-2025-7039", "title" : "Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2025-7039" ], "unique" : false }, { "id" : "CVE-2026-0988", "title" : "Glib: glib: denial of service via integer overflow in g_buffered_input_stream_peek()", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-0988" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.34.1-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=sqlite-3.34.1-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64&distro=rhel-9.7&upstream=libgcrypt-1.10.0-11.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false }, { "id" : "CVE-2026-41990", "title" : "Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2026-41990" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.7&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libnghttp2@1.43.0-6.el9_7.1?arch=x86_64&distro=rhel-9.7&upstream=nghttp2-1.43.0-6.el9_7.1.src.rpm", "issues" : [ { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rpm@4.16.1.3-39.el9?arch=x86_64&distro=rhel-9.7&upstream=rpm-4.16.1.3-39.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-44604", "title" : "Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2026-44604" ], "unique" : false }, { "id" : "CVE-2026-44605", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-44605" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-44604", "title" : "Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2026-44604" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libblkid@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2026-13595", "title" : "Util-linux: util-linux: heap use-after-free in libblkid nested partition probing", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-13595" ], "unique" : false }, { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false }, { "id" : "CVE-2026-27456", "title" : "util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-27456" ], "unique" : false }, { "id" : "CVE-2026-3184", "title" : "Util-linux: util-linux: access control bypass due to improper hostname canonicalization", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-3184" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-13595", "title" : "Util-linux: util-linux: heap use-after-free in libblkid nested partition probing", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-13595" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-10.el9?arch=x86_64&distro=rhel-9.7&upstream=libcap-2.48-10.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sed@4.8-9.el9?arch=x86_64&distro=rhel-9.7&upstream=sed-4.8-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libmount@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libsmartcols@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.7&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.21.1-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=krb5-1.21.1-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false }, { "id" : "CVE-2026-40355", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40355" ], "unique" : false }, { "id" : "CVE-2026-40356", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40356" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcurl-minimal@7.76.1-35.el9_7.3?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-35.el9_7.3.src.rpm", "issues" : [ { "id" : "CVE-2025-9086", "title" : "Out of bounds read for cookie path", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-9086", "title" : "Out of bounds read for cookie path", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit-trust@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64&distro=rhel-9.7&upstream=coreutils-8.32-39.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/shadow-utils@4.9-15.el9?arch=x86_64&distro=rhel-9.7&epoch=2&upstream=shadow-utils-4.9-15.el9.src.rpm", "issues" : [ { "id" : "CVE-2024-56433", "title" : "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "source" : "redhat-csaf", "cvssScore" : 3.6, "severity" : "LOW", "cves" : [ "CVE-2024-56433" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-56433", "title" : "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "source" : "redhat-csaf", "cvssScore" : 3.6, "severity" : "LOW", "cves" : [ "CVE-2024-56433" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3.12@3.12.12-4.el9_7.3?arch=x86_64&distro=rhel-9.7&upstream=python3.12-3.12.12-4.el9_7.3.src.rpm", "issues" : [ { "id" : "CVE-2026-6100", "title" : "Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-6100" ], "unique" : false }, { "id" : "CVE-2025-12084", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-12084" ], "unique" : false }, { "id" : "CVE-2025-15366", "title" : "IMAP command injection in user-controlled commands", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15366" ], "unique" : false }, { "id" : "CVE-2025-15367", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15367" ], "unique" : false }, { "id" : "CVE-2026-1299", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-1299" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2026-4786", "title" : "Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4786" ], "unique" : false }, { "id" : "CVE-2025-13836", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13836" ], "unique" : false }, { "id" : "CVE-2026-6019", "title" : "BaseCookie.js_output() does not neutralize embedded characters", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6019" ], "unique" : false }, { "id" : "CVE-2026-11972", "title" : "tarfile opened in streaming mode mishandles EOF", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-11972" ], "unique" : false }, { "id" : "CVE-2026-5713", "title" : "Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target", "source" : "redhat-csaf", "cvssScore" : 6.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5713" ], "unique" : false }, { "id" : "CVE-2025-13837", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13837" ], "unique" : false }, { "id" : "CVE-2026-4224", "title" : "Stack overflow parsing XML with deeply nested DTD content models", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4224" ], "unique" : false }, { "id" : "CVE-2026-3644", "title" : "Incomplete control character validation in http.cookies", "source" : "redhat-csaf", "cvssScore" : 5.4, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3644" ], "unique" : false }, { "id" : "CVE-2025-59375", "title" : "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false }, { "id" : "CVE-2026-3446", "title" : "Base64 decoding stops at first padded quad by default", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3446" ], "unique" : false }, { "id" : "CVE-2025-15282", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15282" ], "unique" : false }, { "id" : "CVE-2026-0672", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0672" ], "unique" : false }, { "id" : "CVE-2025-11468", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11468" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2026-1502", "title" : "HTTP client proxy tunnel headers not validated for CR/LF", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-1502" ], "unique" : false }, { "id" : "CVE-2025-8291", "title" : "ZIP64 End of Central Directory (EOCD) Locator record offset not checked", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8291" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2026-2297", "title" : "SourcelessFileLoader does not use io.open_code()", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2026-2297" ], "unique" : false }, { "id" : "CVE-2026-3479", "title" : "pkgutil.get_data() does not enforce documented restrictions", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2026-3479" ], "unique" : false }, { "id" : "CVE-2025-13462", "title" : "tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling", "source" : "redhat-csaf", "cvssScore" : 2.5, "severity" : "LOW", "cves" : [ "CVE-2025-13462" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.5.1-7.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-7.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2026-45445", "title" : "AES-OCB IV Ignored on EVP_Cipher() Path", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2026-45445" ], "unique" : false }, { "id" : "CVE-2026-45447", "title" : "Heap Use-After-Free in the PKCS7_verify() Function", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-45447" ], "unique" : false }, { "id" : "CVE-2026-28390", "title" : "Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-28390" ], "unique" : false }, { "id" : "CVE-2026-34183", "title" : "Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-34183" ], "unique" : false }, { "id" : "CVE-2025-69419", "title" : "Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2026-34182", "title" : "CMS AuthEnvelopedData Processing May Accept Forged Messages", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2026-34182" ], "unique" : false }, { "id" : "CVE-2025-69421", "title" : "NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2026-34181", "title" : "PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34181" ], "unique" : false }, { "id" : "CVE-2026-42768", "title" : "Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42768" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "title" : "Missing ASN1_TYPE validation in TS_RESP_verify_response() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "title" : "ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false }, { "id" : "CVE-2026-42764", "title" : "NULL Pointer Dereference in QUIC Server Initial Packet Handling", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42764" ], "unique" : false }, { "id" : "CVE-2026-42769", "title" : "Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42769" ], "unique" : false }, { "id" : "CVE-2026-42770", "title" : "FFC-DH Peer Validation Uses Attacker-Supplied q", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42770" ], "unique" : false }, { "id" : "CVE-2026-9076", "title" : "Out-of-Bounds Read in CMS Password-Based Decryption", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-9076" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "title" : "Missing ASN1_TYPE validation in PKCS#12 parsing", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2026-7383", "title" : "Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-7383" ], "unique" : false }, { "id" : "CVE-2026-42766", "title" : "Possible NULL Dereference in Password-Based CMS Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42766" ], "unique" : false }, { "id" : "CVE-2026-42767", "title" : "NULL Pointer Dereference in CRMF EncryptedValue Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42767" ], "unique" : false }, { "id" : "CVE-2026-34180", "title" : "Heap Buffer Over-read in ASN.1 Content Parsing", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34180" ], "unique" : false }, { "id" : "CVE-2025-68160", "title" : "Heap out-of-bounds write in BIO_f_linebuffer on short writes", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "title" : "Unauthenticated/unencrypted trailing bytes with low-level OCB function calls", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2026-45446", "title" : "Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-45446" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3.12-libs@3.12.12-4.el9_7.3?arch=x86_64&distro=rhel-9.7&upstream=python3.12-3.12.12-4.el9_7.3.src.rpm", "issues" : [ { "id" : "CVE-2026-6100", "title" : "Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-6100" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2026-4786", "title" : "Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4786" ], "unique" : false }, { "id" : "CVE-2025-13837", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13837" ], "unique" : false }, { "id" : "CVE-2026-4224", "title" : "Stack overflow parsing XML with deeply nested DTD content models", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4224" ], "unique" : false }, { "id" : "CVE-2026-3644", "title" : "Incomplete control character validation in http.cookies", "source" : "redhat-csaf", "cvssScore" : 5.4, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3644" ], "unique" : false }, { "id" : "CVE-2025-59375", "title" : "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false }, { "id" : "CVE-2025-15282", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15282" ], "unique" : false }, { "id" : "CVE-2026-0672", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0672" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2026-1502", "title" : "HTTP client proxy tunnel headers not validated for CR/LF", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-1502" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2026-2297", "title" : "SourcelessFileLoader does not use io.open_code()", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2026-2297" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-6100", "title" : "Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-6100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.34.1-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=sqlite-3.34.1-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=x86_64&distro=rhel-9.7&upstream=expat-2.5.0-5.el9_7.1.src.rpm", "issues" : [ { "id" : "CVE-2024-8176", "title" : "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-8176" ], "unique" : false }, { "id" : "CVE-2026-45186", "title" : "In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-45186" ], "unique" : false }, { "id" : "CVE-2026-56132", "title" : "In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.", "source" : "redhat-csaf", "cvssScore" : 6.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-56132" ], "unique" : false }, { "id" : "CVE-2025-59375", "title" : "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false }, { "id" : "CVE-2026-50219", "title" : "libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur,", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-50219" ], "unique" : false }, { "id" : "CVE-2026-41080", "title" : "libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-41080" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-8176", "title" : "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-8176" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.7&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-10.el9?arch=x86_64&distro=rhel-9.7&upstream=libcap-2.48-10.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sed@4.8-9.el9?arch=x86_64&distro=rhel-9.7&upstream=sed-4.8-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.37.4-21.el9_7?arch=x86_64&distro=rhel-9.7&upstream=util-linux-2.37.4-21.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.7&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.21.1-9.el9_7?arch=x86_64&distro=rhel-9.7&upstream=krb5-1.21.1-9.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false }, { "id" : "CVE-2026-40355", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40355" ], "unique" : false }, { "id" : "CVE-2026-40356", "title" : "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-40356" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-3576", "title" : "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit-trust@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64&distro=rhel-9.7&upstream=coreutils-8.32-39.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libusbx@1.0.26-1.el9?arch=x86_64&distro=rhel-9.7&upstream=libusbx-1.0.26-1.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@3.5.1-7.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-7.el9_7.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2026-45445", "title" : "AES-OCB IV Ignored on EVP_Cipher() Path", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2026-45445" ], "unique" : false }, { "id" : "CVE-2026-45447", "title" : "Heap Use-After-Free in the PKCS7_verify() Function", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-45447" ], "unique" : false }, { "id" : "CVE-2026-28390", "title" : "Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-28390" ], "unique" : false }, { "id" : "CVE-2026-34183", "title" : "Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-34183" ], "unique" : false }, { "id" : "CVE-2025-69419", "title" : "Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2026-34182", "title" : "CMS AuthEnvelopedData Processing May Accept Forged Messages", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2026-34182" ], "unique" : false }, { "id" : "CVE-2025-69421", "title" : "NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2026-34181", "title" : "PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34181" ], "unique" : false }, { "id" : "CVE-2026-42768", "title" : "Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42768" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "title" : "Missing ASN1_TYPE validation in TS_RESP_verify_response() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "title" : "ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false }, { "id" : "CVE-2026-42764", "title" : "NULL Pointer Dereference in QUIC Server Initial Packet Handling", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42764" ], "unique" : false }, { "id" : "CVE-2026-42769", "title" : "Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42769" ], "unique" : false }, { "id" : "CVE-2026-42770", "title" : "FFC-DH Peer Validation Uses Attacker-Supplied q", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42770" ], "unique" : false }, { "id" : "CVE-2026-9076", "title" : "Out-of-Bounds Read in CMS Password-Based Decryption", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-9076" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "title" : "Missing ASN1_TYPE validation in PKCS#12 parsing", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2026-7383", "title" : "Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-7383" ], "unique" : false }, { "id" : "CVE-2026-42766", "title" : "Possible NULL Dereference in Password-Based CMS Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42766" ], "unique" : false }, { "id" : "CVE-2026-42767", "title" : "NULL Pointer Dereference in CRMF EncryptedValue Decryption", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-42767" ], "unique" : false }, { "id" : "CVE-2026-34180", "title" : "Heap Buffer Over-read in ASN.1 Content Parsing", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-34180" ], "unique" : false }, { "id" : "CVE-2025-68160", "title" : "Heap out-of-bounds write in BIO_f_linebuffer on short writes", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "title" : "Unauthenticated/unencrypted trailing bytes with low-level OCB function calls", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2026-45446", "title" : "Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-45446" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/systemd-libs@252-55.el9_7.8?arch=x86_64&distro=rhel-9.7&upstream=systemd-252-55.el9_7.8.src.rpm", "issues" : [ { "id" : "CVE-2026-29111", "title" : "systemd: Local unprivileged user can trigger an assert", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2026-29111" ], "unique" : false }, { "id" : "CVE-2025-4598", "title" : "Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4598" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-29111", "title" : "systemd: Local unprivileged user can trigger an assert", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2026-29111" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9?arch=x86_64&distro=rhel-9.7&upstream=libgcrypt-1.10.0-11.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false }, { "id" : "CVE-2026-41990", "title" : "Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2026-41990" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-41989", "title" : "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-41989" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0?arch=x86_64&distro=rhel-9.7&upstream=xz-5.2.5-8.el9_0.src.rpm", "issues" : [ { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-10.el9?arch=x86_64&distro=rhel-9.7&upstream=libcap-2.48-10.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-4878", "title" : "Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4878" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sed@4.8-9.el9?arch=x86_64&distro=rhel-9.7&upstream=sed-4.8-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-5958", "title" : "Race Condition in GNU Sed", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5958" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.7&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-8.el9?arch=x86_64&distro=rhel-9.7&upstream=openssl-fips-provider-3.0.7-8.el9.src.rpm", "issues" : [ { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-31790", "title" : "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-31790" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/p11-kit-trust@0.25.3-3.el9_5?arch=x86_64&distro=rhel-9.7&upstream=p11-kit-0.25.3-3.el9_5.src.rpm", "issues" : [ { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-2100", "title" : "P11-kit: null dereference via c_derivekey with specific null parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-2100" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/coreutils-single@8.32-39.el9?arch=x86_64&distro=rhel-9.7&upstream=coreutils-8.32-39.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5278", "title" : "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5278" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.16.0-9.el9?arch=x86_64&distro=rhel-9.7&upstream=libtasn1-4.16.0-9.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-13151", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13151" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libzstd@1.5.5-1.el9?arch=x86_64&distro=rhel-9.7&upstream=zstd-1.5.5-1.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=x86_64&distro=rhel-9.7&upstream=expat-2.5.0-5.el9_7.1.src.rpm", "issues" : [ { "id" : "CVE-2024-8176", "title" : "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-8176" ], "unique" : false }, { "id" : "CVE-2026-45186", "title" : "In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-45186" ], "unique" : false }, { "id" : "CVE-2026-56132", "title" : "In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.", "source" : "redhat-csaf", "cvssScore" : 6.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-56132" ], "unique" : false }, { "id" : "CVE-2025-59375", "title" : "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false }, { "id" : "CVE-2026-50219", "title" : "libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur,", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-50219" ], "unique" : false }, { "id" : "CVE-2026-41080", "title" : "libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2026-41080" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/mpdecimal@2.5.1-3.el9?arch=x86_64&distro=rhel-9.7&upstream=mpdecimal-2.5.1-3.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/nss_wrapper-libs@1.1.13-1.el9?arch=x86_64&distro=rhel-9.7&upstream=nss_wrapper-1.1.13-1.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/findutils@4.8.0-7.el9?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=findutils-4.8.0-7.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rootfiles@8.1-35.el9?arch=noarch&distro=rhel-9.7&upstream=rootfiles-8.1-35.el9.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2026-6238", "title" : "Buffer overread in ns_printrrf with corrupted RDATA field", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-6238" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2026-3904", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3904" ], "unique" : false }, { "id" : "CVE-2026-5435", "title" : "Potential buffer overflow in ns_sprintrrf TSIG handling path", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5435" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2026-5928", "title" : "Potential buffer under-read in ungetwc", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5928" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10?arch=x86_64&distro=rhel-9.7&upstream=glibc-2.34-231.el9_7.10.src.rpm", "issues" : [ { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2026-4437", "title" : "gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4437" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2026-4046", "title" : "iconv crash due to assertion failure with untrusted input", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4046" ], "unique" : false }, { "id" : "CVE-2026-5450", "title" : "scanf %mc off-by-one heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-5450" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2026-4438", "title" : "gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2026-4438" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9?arch=noarch&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9?arch=x86_64&distro=rhel-9.7&upstream=ncurses-6.2-12.20210508.el9.src.rpm", "issues" : [ { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2026-0861", "title" : "Integer overflow in memalign leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false } } ] } }, "recommendations" : { "trusted-libraries" : { 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 295k 0 0 100 295k 0 208k 0:00:01 0:00:01 --:--:-- 208k 100 295k 0 0 100 295k 0 122k 0:00:02 0:00:02 --:--:-- 122k 100 295k 0 0 100 295k 0 88527 0:00:03 0:00:03 --:--:-- 88501 100 295k 0 0 100 295k 0 68473 0:00:04 0:00:04 --:--:-- 68458 100 295k 0 0 100 295k 0 55827 0:00:05 0:00:05 --:--:-- 55930 100 295k 0 0 100 295k 0 47124 0:00:06 0:00:06 --:--:-- 0 100 295k 0 0 100 295k 0 40768 0:00:07 0:00:07 --:--:-- 0 100 295k 0 0 100 295k 0 35923 0:00:08 0:00:08 --:--:-- 0 100 295k 0 0 100 295k 0 32108 0:00:09 0:00:09 --:--:-- 0 100 295k 0 0 100 295k 0 29025 0:00:10 0:00:10 --:--:-- 0 100 295k 0 0 100 295k 0 26482 0:00:11 0:00:11 --:--:-- 0 100 295k 0 0 100 295k 0 24349 0:00:12 0:00:12 --:--:-- 0 100 295k 0 0 100 295k 0 22533 0:00:13 0:00:13 --:--:-- 0 100 295k 0 0 100 295k 0 20970 0:00:14 0:00:14 --:--:-- 0 100 295k 0 0 100 295k 0 19610 0:00:15 0:00:15 --:--:-- 0 100 295k 0 0 100 295k 0 18415 0:00:16 0:00:16 --:--:-- 0 100 295k 0 0 100 295k 0 17358 0:00:17 0:00:17 --:--:-- 0 100 295k 0 0 100 295k 0 16694 0:00:18 0:00:18 --:--:-- 0 100 731k 0 435k 100 295k 24160 16391 0:00:18 0:00:18 --:--:-- 108k "summary" : { "total" : 6 }, "dependencies" : [ { "ref" : "pkg:pypi/blinker@1.9.0", "recommendation" : "pkg:pypi/blinker@1.9.0?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/markupsafe@3.0.3", "recommendation" : "pkg:pypi/markupsafe@3.0.3?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/werkzeug@3.1.8", "recommendation" : "pkg:pypi/werkzeug@3.1.8?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/click@8.4.2", "recommendation" : "pkg:pypi/click@8.4.2?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/jinja2@3.1.6", "recommendation" : "pkg:pypi/jinja2@3.1.6?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" }, { "ref" : "pkg:pypi/itsdangerous@2.2.0", "recommendation" : "pkg:pypi/itsdangerous@2.2.0?repository_url=https%3A%2F%2Fpackages.redhat.com%2Ftrusted-libraries%2Fpython" } ] } } } }, "licenses" : [ { "status" : { "ok" : true, "name" : "deps.dev", "code" : 200, "message" : "OK", "warnings" : { } }, "summary" : { "total" : 8, "concluded" : 129, "permissive" : 5, "weakCopyleft" : 0, "strongCopyleft" : 0, "unknown" : 3, "deprecated" : 0, "osiApproved" : 5, "fsfLibre" : 5 }, "packages" : { "pkg:rpm/redhat/libsmartcols@2.37.4-21.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/libzstd@1.5.5-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/json-c@0.14-11.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libusbx@1.0.26-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc@2.34-231.el9_7.10" : { "evidence" : [ ] }, "pkg:rpm/redhat/libselinux@3.6-3.el9" : { "evidence" : [ ] }, "pkg:oci/ubi9-minimal@sha256%3A7d4e47500f28ac3a2bff06c25eff9127ff21048538ae03ce240d57cf756acd00" : { "evidence" : [ ] }, "pkg:rpm/redhat/ncurses-base@6.2-12.20210508.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/openssl-fips-provider@3.0.7-8.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcap-ng@0.8.2-7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcom_err@1.46.5-8.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/microdnf@3.9.1-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgpg-error@1.42-5.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcap@2.48-10.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libunistring@0.9.10-15.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libtirpc@1.3.3-9.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcurl-minimal@7.76.1-35.el9_7.3" : { "evidence" : [ ] }, "pkg:rpm/redhat/setup@2.13.7-10.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libpeas@1.30.0-4.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/shadow-utils@4.9-15.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/basesystem@11-13.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/curl-minimal@7.76.1-35.el9_7.3" : { "evidence" : [ ] }, "pkg:rpm/redhat/libidn2@2.3.0-7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/grep@3.6-5.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsigsegv@2.13-4.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/findutils@4.8.0-7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/ca-certificates@2024.2.69_v8.0.303-91.4.el9_4" : { "evidence" : [ ] }, "pkg:pypi/itsdangerous@2.2.0" : { "concluded" : { "identifiers" : [ { "id" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN" } ], "expression" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN" } ], "expression" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/redhat-release@9.7-0.7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libksba@1.5.1-7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgcrypt@1.10.0-11.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/openldap@2.6.8-4.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/python3.12-libs@3.12.12-4.el9_7.3" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsemanage@3.6-5.el9_6" : { "evidence" : [ ] }, "pkg:rpm/redhat/gawk@5.1.0-6.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/xz-libs@5.2.5-8.el9_0" : { "evidence" : [ ] }, "pkg:rpm/redhat/ncurses-libs@6.2-12.20210508.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/readline@8.1-4.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/rootfiles@8.1-35.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/lua-libs@5.4.4-4.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc-minimal-langpack@2.34-231.el9_7.10" : { "evidence" : [ ] }, "pkg:rpm/redhat/libarchive@3.5.3-9.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/lz4-libs@1.9.3-5.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/p11-kit-trust@0.25.3-3.el9_5" : { "evidence" : [ ] }, "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc-langpack-en@2.34-231.el9_7.10" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre@8.44-4.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/gmp@6.2.0-13.el9" : { "evidence" : [ ] }, "pkg:pypi/blinker@1.9.0" : { "concluded" : { "identifiers" : [ { "id" : "MIT", "name" : "MIT License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "MIT", "name" : "MIT License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "MIT", "name" : "MIT License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "MIT", "name" : "MIT License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/rpm-libs@4.16.1.3-39.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/crypto-policies@20250905-1.git377cc42.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/gnutls@3.8.3-10.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/python3.12@3.12.12-4.el9_7.3" : { "evidence" : [ ] }, "pkg:pypi/werkzeug@3.1.8" : { "concluded" : { "identifiers" : [ { "id" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/gpg-pubkey@5a6340b3-6229229e" : { "evidence" : [ ] }, "pkg:rpm/redhat/dejavu-sans-fonts@2.37-18.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libmodulemd@2.13.0-2.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/python3.12-pip-wheel@23.2.1-5.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/sed@4.8-9.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/filesystem@3.16-5.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/sqlite-libs@3.34.1-9.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/libuuid@2.37.4-21.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre2@10.40-6.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libdnf@0.69.0-17.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1" : { "evidence" : [ ] }, "pkg:rpm/redhat/nss_wrapper-libs@1.1.13-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsolv@0.7.24-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libattr@2.5.1-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgcc@11.5.0-11.el9" : { "evidence" : [ ] }, "pkg:pypi/markupsafe@3.0.3" : { "concluded" : { "identifiers" : [ { "id" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/json-glib@1.6.6-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/gobject-introspection@1.68.0-11.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libnsl2@2.0.0-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/audit-libs@3.1.5-7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpg-pubkey@fd431d51-4ae0493b" : { "evidence" : [ ] }, "pkg:rpm/redhat/fonts-filesystem@2.0.5-7.el9.1" : { "evidence" : [ ] }, "pkg:oci/python-312-minimal@sha256%3A3748c2b2908ade249fc7197f3d357562e18adeb37ce15621bda818fc7e8c0582" : { "evidence" : [ ] }, "pkg:rpm/redhat/nettle@3.10.1-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/langpacks-core-en@3.0-16.el9" : { "evidence" : [ ] }, "pkg:pypi/flask@2.3.3" : { "concluded" : { "identifiers" : [ { "id" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN" } ], "expression" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN" } ], "expression" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/libreport-filesystem@2.15.2-6.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/bash@5.1.8-9.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/langpacks-core-font-en@3.0-16.el9" : { "evidence" : [ ] }, "pkg:pypi/pip@24.2" : { "concluded" : { "identifiers" : [ { "id" : "MIT", "name" : "MIT License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "MIT", "name" : "MIT License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "MIT", "name" : "MIT License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "MIT", "name" : "MIT License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/zlib@1.2.11-40.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libverto@0.3.2-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libblkid@2.37.4-21.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/libnghttp2@1.43.0-6.el9_7.1" : { "evidence" : [ ] }, "pkg:rpm/redhat/rpm@4.16.1.3-39.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/systemd-libs@252-55.el9_7.8" : { "evidence" : [ ] }, "pkg:rpm/redhat/npth@1.6-8.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/coreutils-single@8.32-39.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/alternatives@1.24-2.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/gdbm-libs@1.23-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-11.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libassuan@2.5.5-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc-common@2.34-231.el9_7.10" : { "evidence" : [ ] }, "pkg:rpm/redhat/librepo@1.14.5-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/krb5-libs@1.21.1-9.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpgme@1.15.1-6.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-22.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libtasn1@4.16.0-9.el9" : { "evidence" : [ ] }, "pkg:pypi/jinja2@3.1.6" : { "concluded" : { "identifiers" : [ { "id" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN" } ], "expression" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN" } ], "expression" : "non-standard", "name" : "BSD License", "category" : "UNKNOWN", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/libxcrypt@4.4.18-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libtool-ltdl@2.4.6-46.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/librhsm@0.0.3-9.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libevent@2.1.12-8.el9_4" : { "evidence" : [ ] }, "pkg:rpm/redhat/openssl-libs@3.5.1-7.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/glib2@2.68.4-18.el9_7.1" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/dnf-data@4.14.0-31.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/mpfr@4.1.0-7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/mpdecimal@2.5.1-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libffi@3.4.2-8.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/keyutils-libs@1.6.3-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libacl@2.3.1-4.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/libyaml@0.2.5-7.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-8.el9" : { "evidence" : [ ] }, "pkg:oci/python-component-vrlzjc@sha256%3A30d17c3f7c4cd956f6c48f1de22db12e815b20f2582e32bfb7c9cf410c6ba67f" : { "evidence" : [ ] }, "pkg:rpm/redhat/libmount@2.37.4-21.el9_7" : { "evidence" : [ ] }, "pkg:pypi/click@8.4.2" : { "concluded" : { "identifiers" : [ { "id" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "BSD-3-Clause", "name" : "BSD 3-Clause \"New\" or \"Revised\" License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/libsepol@3.6-3.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/popt@1.18-8.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/tzdata@2026a-1.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/bzip2-libs@1.0.8-10.el9_5" : { "evidence" : [ ] }, "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7" : { "evidence" : [ ] }, "pkg:rpm/redhat/file-libs@5.39-16.el9" : { "evidence" : [ ] }, "pkg:rpm/redhat/p11-kit@0.25.3-3.el9_5" : { "evidence" : [ ] }, "pkg:rpm/redhat/langpacks-en@3.0-16.el9" : { "evidence" : [ ] } } } ] }