go: downloading github.com/konflux-ci/build-service v0.0.0-20240611083846-2dee6cfe6fe4 go: downloading github.com/google/go-github/v66 v66.0.0 go: downloading github.com/devfile/library/v2 v2.2.1-0.20230418160146-e75481b7eebd go: downloading github.com/konflux-ci/e2e-tests v0.0.0-20260506085906-2e394d3dcf2e go: downloading k8s.io/apimachinery v0.34.2 go: downloading github.com/google/go-containerregistry v0.20.7 go: downloading github.com/konflux-ci/release-service v0.0.0-20260127184035-c36c56a3c440 go: downloading github.com/konflux-ci/application-api v0.0.0-20260312190025-5154ad273e17 go: downloading github.com/onsi/gomega v1.39.1 go: downloading github.com/tektoncd/pipeline v1.7.0 go: downloading k8s.io/api v0.34.2 go: downloading github.com/go-logr/logr v1.4.3 go: downloading golang.org/x/sys v0.42.0 go: downloading github.com/openshift-pipelines/pipelines-as-code v0.34.0 go: downloading gopkg.in/yaml.v2 v2.4.0 go: downloading github.com/openshift/api v0.0.0-20260320151444-324a1bcb9f55 go: downloading golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90 go: downloading k8s.io/client-go v0.34.2 go: downloading k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 go: downloading knative.dev/pkg v0.0.0-20250424013628-d5e74d29daa3 go: downloading sigs.k8s.io/controller-runtime v0.20.2 go: downloading sigs.k8s.io/yaml v1.6.0 go: downloading github.com/bradleyfalzon/ghinstallation/v2 v2.17.0 go: downloading github.com/google/go-github/v45 v45.2.0 go: downloading golang.org/x/oauth2 v0.34.0 go: downloading github.com/prometheus/client_golang v1.23.2 go: downloading k8s.io/apiextensions-apiserver v0.34.2 go: downloading github.com/fatih/color v1.18.0 go: downloading github.com/go-git/go-git/v5 v5.16.5 go: downloading github.com/gobwas/glob v0.2.3 go: downloading github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 go: downloading github.com/pkg/errors v0.9.1 go: downloading k8s.io/klog v1.0.0 go: downloading github.com/hashicorp/go-multierror v1.1.1 go: downloading github.com/operator-framework/operator-lib v0.19.0 go: downloading github.com/konflux-ci/operator-toolkit v0.0.0-20260312101100-d4e398191a68 go: downloading github.com/google/go-cmp v0.7.0 go: downloading github.com/google/go-querystring v1.2.0 go: downloading github.com/konflux-ci/image-controller v0.0.0-20240530145826-3296e4996f6f go: downloading github.com/avast/retry-go/v4 v4.3.3 go: downloading k8s.io/klog/v2 v2.130.1 go: downloading github.com/xanzy/go-gitlab v0.114.0 go: downloading github.com/docker/cli v29.0.3+incompatible go: downloading github.com/magefile/mage v1.14.0 go: downloading github.com/mitchellh/go-homedir v1.1.0 go: downloading github.com/moby/buildkit v0.12.5 go: downloading github.com/openshift/library-go v0.0.0-20220525173854-9b950a41acdc go: downloading github.com/golang-jwt/jwt/v4 v4.5.2 go: downloading github.com/google/go-github/v75 v75.0.0 go: downloading go.yaml.in/yaml/v2 v2.4.4 go: downloading github.com/fsnotify/fsnotify v1.9.0 go: downloading github.com/spf13/afero v1.15.0 go: downloading github.com/gogo/protobuf v1.3.2 go: downloading gopkg.in/inf.v0 v0.9.1 go: downloading sigs.k8s.io/randfill v1.0.0 go: downloading sigs.k8s.io/structured-merge-diff/v6 v6.3.2 go: downloading github.com/evanphx/json-patch/v5 v5.9.11 go: downloading go.yaml.in/yaml/v3 v3.0.4 go: downloading golang.org/x/net v0.52.0 go: downloading codeberg.org/mvdkleijn/forgejo-sdk/forgejo/v2 v2.2.0 go: downloading github.com/gofri/go-github-ratelimit v1.0.3-0.20230428184158-a500e14de53f go: downloading github.com/codeready-toolchain/api v0.0.0-20231217224957-34f7cb3fcbf7 go: downloading github.com/conforma/crds/api v0.1.7 go: downloading github.com/konflux-ci/integration-service v0.0.0-20260330012634-6190adb9bbce go: downloading github.com/openshift/client-go v0.0.0-20260108185524-48f4ccfc4e13 go: downloading github.com/redhat-appstudio/jvm-build-service v0.0.0-20240126122210-0e2ee7e2e5b0 go: downloading github.com/vmware-tanzu/velero v1.17.2 go: downloading github.com/codeready-toolchain/toolchain-e2e v0.0.0-20220525131508-60876bfb99d3 go: downloading github.com/peterbourgon/diskv v2.0.1+incompatible go: downloading github.com/hashicorp/errwrap v1.1.0 go: downloading github.com/codeready-toolchain/toolchain-common v0.0.0-20220523142428-2558e76260fb go: downloading github.com/mattn/go-colorable v0.1.14 go: downloading github.com/mattn/go-isatty v0.0.20 go: downloading github.com/opencontainers/go-digest v1.0.0 go: downloading github.com/bmatcuk/doublestar/v4 v4.7.1 go: downloading github.com/opencontainers/image-spec v1.1.1 go: downloading oras.land/oras-go/v2 v2.5.0 go: downloading github.com/tektoncd/cli v0.43.0 go: downloading github.com/beorn7/perks v1.0.1 go: downloading github.com/cespare/xxhash/v2 v2.3.0 go: downloading github.com/prometheus/client_model v0.6.2 go: downloading github.com/prometheus/common v0.67.5 go: downloading github.com/prometheus/procfs v0.19.2 go: downloading google.golang.org/protobuf v1.36.11 go: downloading golang.org/x/text v0.35.0 go: downloading sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 go: downloading golang.org/x/crypto v0.49.0 go: downloading gomodules.xyz/jsonpatch/v2 v2.5.0 go: downloading k8s.io/kube-openapi v0.0.0-20260330154417-16be699c7b31 go: downloading github.com/hashicorp/go-cleanhttp v0.5.2 go: downloading github.com/hashicorp/go-retryablehttp v0.7.8 go: downloading golang.org/x/time v0.15.0 go: downloading github.com/json-iterator/go v1.1.12 go: downloading dario.cat/mergo v1.0.2 go: downloading github.com/ProtonMail/go-crypto v1.3.0 go: downloading github.com/go-git/go-billy/v5 v5.7.0 go: downloading github.com/sergi/go-diff v1.4.0 go: downloading github.com/42wim/httpsig v1.2.3 go: downloading github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e go: downloading github.com/hashicorp/go-version v1.7.0 go: downloading github.com/sirupsen/logrus v1.9.3 go: downloading github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 go: downloading github.com/google/cel-go v0.26.1 go: downloading github.com/google/btree v1.1.3 go: downloading github.com/containerd/stargz-snapshotter/estargz v0.18.1 go: downloading github.com/docker/distribution v2.8.3+incompatible go: downloading github.com/fxamacker/cbor/v2 v2.9.0 go: downloading github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 go: downloading github.com/pjbgf/sha1cd v0.5.0 go: downloading github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee go: downloading github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd go: downloading github.com/cyphar/filepath-securejoin v0.6.1 go: downloading github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 go: downloading github.com/emirpasic/gods v1.18.1 go: downloading github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 go: downloading github.com/docker/docker v28.5.2+incompatible go: downloading github.com/spf13/pflag v1.0.10 go: downloading github.com/containerd/typeurl/v2 v2.2.2 go: downloading github.com/docker/docker-credential-helpers v0.9.3 go: downloading github.com/klauspost/compress v1.18.2 go: downloading golang.org/x/term v0.41.0 go: downloading github.com/google/gnostic-models v0.7.1 go: downloading github.com/google/uuid v1.6.0 go: downloading github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc go: downloading github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 go: downloading github.com/kevinburke/ssh_config v1.4.0 go: downloading github.com/skeema/knownhosts v1.3.2 go: downloading github.com/xanzy/ssh-agent v0.3.3 go: downloading github.com/cloudflare/circl v1.6.3 go: downloading github.com/vbatts/tar-split v0.12.2 go: downloading contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20230502190836-7399e0f8ee5e go: downloading contrib.go.opencensus.io/exporter/prometheus v0.4.2 go: downloading go.opencensus.io v0.24.0 go: downloading go.uber.org/zap v1.27.1 go: downloading google.golang.org/grpc v1.79.3 go: downloading gopkg.in/warnings.v0 v0.1.2 go: downloading github.com/x448/float16 v0.8.4 go: downloading github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 go: downloading github.com/go-openapi/jsonreference v0.21.5 go: downloading github.com/go-openapi/swag v0.25.5 go: downloading github.com/emicklei/go-restful/v3 v3.13.0 go: downloading github.com/blendle/zapdriver v1.3.1 go: downloading gopkg.in/evanphx/json-patch.v4 v4.13.0 go: downloading github.com/census-instrumentation/opencensus-proto v0.4.1 go: downloading github.com/golang/protobuf v1.5.4 go: downloading google.golang.org/api v0.262.0 go: downloading github.com/prometheus/statsd_exporter v0.28.0 go: downloading github.com/go-openapi/jsonpointer v0.22.5 go: downloading github.com/go-openapi/swag/jsonname v0.25.5 go: downloading github.com/go-openapi/swag/fileutils v0.25.5 go: downloading github.com/go-openapi/swag/conv v0.25.5 go: downloading github.com/go-openapi/swag/loading v0.25.5 go: downloading github.com/go-openapi/swag/mangling v0.25.5 go: downloading github.com/go-openapi/swag/jsonutils v0.25.5 go: downloading github.com/go-openapi/swag/cmdutils v0.25.5 go: downloading github.com/go-openapi/swag/netutils v0.25.5 go: downloading github.com/go-openapi/swag/stringutils v0.25.5 go: downloading github.com/go-openapi/swag/typeutils v0.25.5 go: downloading github.com/go-openapi/swag/yamlutils v0.25.5 go: downloading cel.dev/expr v0.25.1 go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20260406210006-6f92a3bedf2d go: downloading go.uber.org/multierr v1.11.0 go: downloading github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.6 go: downloading github.com/stoewer/go-strcase v1.3.1 go: downloading github.com/antlr4-go/antlr/v4 v4.13.1 go: downloading github.com/klauspost/cpuid/v2 v2.3.0 go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 Running Suite: Build Service E2E - /workspace/source/e2e-tests/tests ==================================================================== Random Seed: 1778439866 Will run 64 of 157 specs Running in parallel across 5 processes SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:595 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:631 ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:595 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:631 ------------------------------ SS ------------------------------ • [13.780 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace creates component with context directory go-component [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:106 Timeline >> Image repository for component go-component-xsuccv in namespace build-e2e-swpn do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [24.442 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created creates first component [build-service, github, pac-build, secret-lookup] /workspace/source/e2e-tests/tests/secret_lookup.go:123 Timeline >> Image repository for component component-one-xhkn in namespace build-e2e-jpau do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component component-one-xhkn in namespace build-e2e-jpau do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [32.271 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private correctly targets the default branch (that is not named 'main') with PaC [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:137 Timeline >> Image repository for component gh-test-custom-default-ujmbtn in namespace build-e2e-poyd do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-test-custom-default-ujmbtn in namespace build-e2e-poyd do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [20.251 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace triggers a PipelineRun for component go-component-xsuccv [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:125 Timeline >> PipelineRun has not been created yet for the component build-e2e-swpn/go-component-xsuccv << Timeline ------------------------------ • [0.350 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace should lead to a PaC PR creation for component go-component-xsuccv [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:140 ------------------------------ • [2.271 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private workspace parameter is set correctly in PaC repository CR [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:154 ------------------------------ • [10.152 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created creates second component [build-service, github, pac-build, secret-lookup] /workspace/source/e2e-tests/tests/secret_lookup.go:140 Timeline >> Image repository for component component-two-ywhe in namespace build-e2e-jpau do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [0.065 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created check first component annotation has errors [build-service, github, pac-build, secret-lookup] /workspace/source/e2e-tests/tests/secret_lookup.go:158 Timeline >> build status annotation value: {"pac":{"state":"error","error-id":74,"error-message":"74: Access token is unrecognizable by GitHub"},"message":"done"} << Timeline ------------------------------ • [47.190 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace creates component with nudges [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:235 Timeline >> ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"gh-multi-component-parent-ysax","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}}Image repository for component gh-multi-component-child-ysax in namespace build-e2e-ijdd do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-multi-component-parent-ysax in namespace build-e2e-ijdd do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [20.269 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:176 Timeline >> PipelineRun has not been created yet for the component build-e2e-poyd/gh-test-custom-branch-ihleeg << Timeline ------------------------------ • [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private build pipeline uses the correct serviceAccount [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:191 ------------------------------ • [0.064 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private component build status is set correctly [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:195 Timeline >> build status annotation value: {"pac":{"state":"enabled","merge-url":"https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-cvfgyb/pull/1","configuration-time":"Sun, 10 May 2026 19:08:41 UTC"},"message":"done"} state: enabled mergeUrl: https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-cvfgyb/pull/1 errId: 0 errMessage: configurationTime: Sun, 10 May 2026 19:08:41 UTC << Timeline ------------------------------ • [20.236 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created triggered PipelineRun is for component [build-service, github, pac-build, secret-lookup] /workspace/source/e2e-tests/tests/secret_lookup.go:178 Timeline >> PipelineRun has not been created yet for the component build-e2e-jpau/component-two-ywhe << Timeline ------------------------------ • [1.014 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:225 ------------------------------ • [0.273 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private created image repo is private [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:243 ------------------------------ • [73.444 seconds] [build-service-suite Build service E2E tests] test build annotations when component is created with invalid build request annotations handles invalid request annotation [build-service, github, annotations] /workspace/source/e2e-tests/tests/annotations.go:89 Timeline >> Image repository for component test-annotations-baaake in namespace build-e2e-uoan do not have right state ('' != 'ready') yet but it has status { { } { } []}. build status annotation value: {"message":"unexpected build request: foo"} << Timeline ------------------------------ • [17.558 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private a related PipelineRun should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:249 ------------------------------ • [0.163 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private PR branch should not exist in the repo [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:264 ------------------------------ • [0.869 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private related image repo and the robot account should be deleted after deleting the component [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /workspace/source/e2e-tests/tests/pac_build.go:277 ------------------------------ • [41.820 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace triggers a PipelineRun for parent component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:259 Timeline >> PipelineRun has not been created yet for the component build-e2e-ijdd/gh-multi-component-parent-ysax PipelineRun has not been created yet for the component build-e2e-ijdd/gh-multi-component-parent-ysax << Timeline ------------------------------ • [41.037 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:327 Timeline >> Image repository for component gh-test-custom-branch-ihleeg in namespace build-e2e-poyd do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component gh-test-custom-branch-ihleeg in namespace build-e2e-poyd do not have right state ('' != 'ready') yet but it has status { { } { } []}. PipelineRun has not been created yet for the component build-e2e-poyd/gh-test-custom-branch-ihleeg << Timeline ------------------------------ • [0.224 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created should lead to a PaC init PR creation [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:342 ------------------------------ • [121.648 seconds] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created check only one pipelinerun should be triggered [build-service, github, pac-build, secret-lookup] /workspace/source/e2e-tests/tests/secret_lookup.go:193 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created when second component is deleted, pac pr branch should not exist in the repo [build-service, github, pac-build, secret-lookup] /workspace/source/e2e-tests/tests/secret_lookup.go:206 ------------------------------ • [420.174 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for parent component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:274 Timeline >> PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m found for Component build-e2e-ijdd/gh-multi-component-parent-ysax PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Running PipelineRun gh-multi-component-parent-ysax-on-pull-request-b7z4m reason: Completed << Timeline ------------------------------ • [0.060 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace the PipelineRun should eventually finish successfully for child component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:285 Timeline >> PipelineRun gh-multi-component-child-ysax-on-pull-request-tdcwh found for Component build-e2e-ijdd/gh-multi-component-child-ysax PipelineRun gh-multi-component-child-ysax-on-pull-request-tdcwh reason: Completed << Timeline ------------------------------ • [0.221 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace should lead to a PaC PR creation for child component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:289 ------------------------------ • [1.558 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace Merging the PaC PR should be successful for child component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:307 Timeline >> merged result sha: 0368396ce95dbea2b4c38c856cb7f25c36b1a036 for PR #1 << Timeline ------------------------------ • [401.118 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created the PipelineRun should eventually finish successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:360 Timeline >> PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 found for Component build-e2e-poyd/gh-test-custom-branch-ihleeg PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 reason: Completed << Timeline ------------------------------ • [1.210 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created image repo and robot account created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:365 ------------------------------ • [0.309 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created created image repo is public [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:384 ------------------------------ • [0.542 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created image tag is updated successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:390 Timeline >> Image tag quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:on-pr-1120dec1ba6ade581619462d654a2bca7a902b5d successfully found in Quay << Timeline ------------------------------ • [0.611 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created should ensure pruning labels are set [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:416 ------------------------------ • [0.369 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new Component with specified custom branch is created eventually leads to the PipelineRun status report at Checks tab [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:433 ------------------------------ • [10.331 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace create dockerfile and yaml manifest that references build and distribution repositories [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:318 ------------------------------ • [0.170 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace should lead to a PaC PR creation for parent component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:358 ------------------------------ • [1.598 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace Merging the PaC PR should be successful for parent component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:375 Timeline >> merged result sha: 05ca256a9a3812df1b53fd1e03122e2f85513dfc for PR #1 << Timeline ------------------------------ • [20.887 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated eventually leads to triggering another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:458 Timeline >> created file sha: 57673403e99416158014136f452601ec1272f474 PipelineRun has not been created yet for the component build-e2e-poyd/gh-test-custom-branch-ihleeg << Timeline ------------------------------ • [0.163 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated should lead to a PaC init PR update [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:473 ------------------------------ • [20.175 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace PR merge triggers PAC PipelineRun for parent component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:385 Timeline >> Push PipelineRun has not been created yet for the component build-e2e-ijdd/gh-multi-component-parent-ysax << Timeline ------------------------------ • [540.195 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace the PipelineRun should eventually finish successfully for component go-component-xsuccv [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:159 Timeline >> PipelineRun go-component-xsuccv-on-pull-request-tr2fx found for Component build-e2e-swpn/go-component-xsuccv PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: ResolvingTaskRef PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: ResolvingTaskRef PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Running PipelineRun go-component-xsuccv-on-pull-request-tr2fx reason: Completed << Timeline ------------------------------ • [1.630 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace merging the PR should be successful [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:164 Timeline >> merged result sha: 7c5d52c8dcff74afbd1126d6902f548ac1dcbf69 for PR #33116 << Timeline ------------------------------ • [20.198 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace leads to triggering on push PipelineRun [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:174 Timeline >> Push PipelineRun has not been created yet for the component build-e2e-swpn/go-component-xsuccv << Timeline ------------------------------ • [10.217 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace creates component with context directory python-component [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:106 Timeline >> Image repository for component python-component-exaywd in namespace build-e2e-swpn do not have right state ('' != 'ready') yet but it has status { { } { } []}. << Timeline ------------------------------ • [20.195 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace triggers a PipelineRun for component python-component-exaywd [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:125 Timeline >> PipelineRun has not been created yet for the component build-e2e-swpn/python-component-exaywd << Timeline ------------------------------ • [0.354 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace should lead to a PaC PR creation for component python-component-exaywd [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:140 ------------------------------ • [260.191 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated PipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:492 Timeline >> PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs found for Component build-e2e-poyd/gh-test-custom-branch-ihleeg PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-pull-request-nl6rs reason: Completed << Timeline ------------------------------ • [0.425 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is updated eventually leads to another update of a PR about the PipelineRun status report at Checks tab [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:497 ------------------------------ • [260.172 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace PAC PipelineRun for parent component is successful [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:401 Timeline >> PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf found for Component build-e2e-ijdd/gh-multi-component-parent-ysax PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Running PipelineRun gh-multi-component-parent-ysax-on-push-qw4rf reason: Completed << Timeline ------------------------------ • [21.951 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged eventually leads to triggering another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:523 Timeline >> merged result sha: d9e57494a9c295c733d99c0c3c854f17d4b9afa1 PipelineRun has not been created yet for the component build-e2e-poyd/gh-test-custom-branch-ihleeg << Timeline ------------------------------ • [695.098 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:539 Timeline >> PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v found for Component build-e2e-poyd/gh-test-custom-branch-ihleeg PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-75m4v reason: Failed attempt 1/3: PipelineRun "gh-test-custom-branch-ihleeg-on-push-75m4v" failed: pod: gh-test-custom-branch-ihleeg-on-pull-request-jz2b5-init-pod | init container: prepare 2026/05/10 19:10:54 Entrypoint initialization pod: gh-test-custom-branch-ihleeg-on-pull-request-jz2b5-init-pod | container step-init: time="2026-05-10T19:11:00Z" level=info msg="[param] enable: false" time="2026-05-10T19:11:00Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-05-10T19:11:00Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-05-10T19:11:00Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-05-10T19:11:00Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-05-10T19:11:00Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-05-10T19:11:00Z" level=info msg="Cache proxy is disabled via param" time="2026-05-10T19:11:00Z" level=info msg="[result] HTTP PROXY: " time="2026-05-10T19:11:00Z" level=info msg="[result] NO PROXY: " pod: gh-test-custom-branch-ihleeg-on-pull-request-nl6rs-init-pod | init container: prepare 2026/05/10 19:17:34 Entrypoint initialization pod: gh-test-custom-branch-ihleeg-on-pull-request-nl6rs-init-pod | container step-init: time="2026-05-10T19:17:36Z" level=info msg="[param] enable: false" time="2026-05-10T19:17:36Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-05-10T19:17:36Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-05-10T19:17:36Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-05-10T19:17:36Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-05-10T19:17:36Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-05-10T19:17:36Z" level=info msg="Cache proxy is disabled via param" time="2026-05-10T19:17:36Z" level=info msg="[result] HTTP PROXY: " time="2026-05-10T19:17:36Z" level=info msg="[result] NO PROXY: " pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | init container: prepare 2026/05/10 19:22:26 Entrypoint initialization pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | init container: place-scripts 2026/05/10 19:22:27 Decoded script /tekton/scripts/script-1-xmxlv 2026/05/10 19:22:27 Decoded script /tekton/scripts/script-2-6qwbq 2026/05/10 19:22:27 Decoded script /tekton/scripts/script-3-pm2zn 2026/05/10 19:22:27 Decoded script /tekton/scripts/script-4-cvtft 2026/05/10 19:22:27 Decoded script /tekton/scripts/script-5-44q9l pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg Executing: oras blob fetch --registry-config /tmp/use-oci.sh.KraCxJ/auth-pKP2In.json quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg@sha256:38e1ddc9408874e5be313f1a82bfaa3d804a6f8b0ccd575a06e21076718484dd --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg@sha256:38e1ddc9408874e5be313f1a82bfaa3d804a6f8b0ccd575a06e21076718484dd to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | container step-build: [2026-05-10T19:23:01,730114825+00:00] Validate context path [2026-05-10T19:23:01,733384274+00:00] Update CA trust [2026-05-10T19:23:01,734499342+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-05-10T19:23:08,211188894+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-05-10T19:23:14,632849946+00:00] Prepare system (architecture: x86_64) [2026-05-10T19:23:15,307769706+00:00] Setup prefetched Trying to pull quay.io/jitesoft/nginx:latest... Getting image source signatures Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Copying blob sha256:589002ba0eaed121a1dbf42f6648f29e5be55d5c8a6ee0f8eaa0285cc21ac153 Copying blob sha256:3478266b4865f4efc58d163e64670ca678ab1de9918b00b890093f6426681f7b Copying blob sha256:c27fcb7ccfae0ffc78703910ca9ddd5a68dd0508825e673a3b9d06dd618ac0f3 Copying config sha256:e8566ed9bc606131964784db37d8103e708ee079caa4ef2be258acfe5e2b5033 Writing manifest to image destination [2026-05-10T19:23:24,555802350+00:00] Unsetting proxy { "com.jitesoft.app.alpine.version": "3.23.3", "com.jitesoft.app.nginx.version": "1.29.8", "com.jitesoft.build.arch": "amd64", "com.jitesoft.build.platform": "linux/amd64", "com.jitesoft.project.registry.uri": "registry.gitlab.com/jitesoft/dockerfiles/nginx", "com.jitesoft.project.repo.issues": "https://gitlab.com/jitesoft/dockerfiles/nginx/issues", "com.jitesoft.project.repo.type": "git", "com.jitesoft.project.repo.uri": "https://gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.alternative-locations": "oci://index.docker.io/jitesoft/nginx,oci://ghcr.io/jitesoft/nginx,oci://registry.gitlab.com/jitesoft/dockerfiles/nginx", "io.artifacthub.package.logo-url": "https://jitesoft.com/favicon-96x96.png", "io.artifacthub.package.readme-url": "https://gitlab.com/jitesoft/dockerfiles/nginx/-/raw/master/README.md", "maintainer": "Johannes Tegnér ", "maintainer.org": "Jitesoft", "maintainer.org.uri": "https://jitesoft.com", "org.opencontainers.image.created": "2026-05-10T19:23:15Z", "org.opencontainers.image.description": "Nginx on Alpine linux", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-cvfgyb", "org.opencontainers.image.vendor": "Jitesoft", "org.opencontainers.image.version": "1.29.8", "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "d9e57494a9c295c733d99c0c3c854f17d4b9afa1", "org.opencontainers.image.revision": "d9e57494a9c295c733d99c0c3c854f17d4b9afa1", "build-date": "2026-05-10T19:23:15Z", "io.buildah.version": "1.42.2", "konflux.additional-tags": "test-tag1, test-tag2" } [2026-05-10T19:23:24,675608134+00:00] Register sub-man Adding the entitlement to the build [2026-05-10T19:23:24,678746091+00:00] Add secrets [2026-05-10T19:23:24,698395046+00:00] Run buildah build [2026-05-10T19:23:24,699463427+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=d9e57494a9c295c733d99c0c3c854f17d4b9afa1 --label org.opencontainers.image.revision=d9e57494a9c295c733d99c0c3c854f17d4b9afa1 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-cvfgyb --label build-date=2026-05-10T19:23:15Z --label org.opencontainers.image.created=2026-05-10T19:23:15Z --annotation org.opencontainers.image.revision=d9e57494a9c295c733d99c0c3c854f17d4b9afa1 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-cvfgyb --annotation org.opencontainers.image.created=2026-05-10T19:23:15Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.TPLttf -t quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 . STEP 1/6: FROM quay.io/jitesoft/nginx:latest STEP 2/6: ENV PORT="8080" STEP 3/6: LABEL konflux.additional-tags="test-tag1, test-tag2" STEP 4/6: COPY labels.json /usr/share/buildinfo/labels.json STEP 5/6: COPY labels.json /root/buildinfo/labels.json STEP 6/6: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="d9e57494a9c295c733d99c0c3c854f17d4b9afa1" "org.opencontainers.image.revision"="d9e57494a9c295c733d99c0c3c854f17d4b9afa1" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-cvfgyb" "build-date"="2026-05-10T19:23:15Z" "org.opencontainers.image.created"="2026-05-10T19:23:15Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 time="2026-05-10T19:23:25Z" level=warning msg="HEALTHCHECK is not supported for OCI image format and will be ignored. Must use `docker` format" --> 3bf768fec500 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 3bf768fec500cec6881c402f33e46481613624c304a4a58ab143e01c5227b4f9 [2026-05-10T19:23:28,894541778+00:00] Unsetting proxy [2026-05-10T19:23:28,895850051+00:00] Add metadata Recording base image digests used quay.io/jitesoft/nginx:latest quay.io/jitesoft/nginx:latest@sha256:b6f74d18d53ff23b0aa833041c9515de914f4c0e7498ffd566862033cd9b9289 Getting image source signatures Copying blob sha256:1fa0e399be1c634b135f5cd84b05f8d919547ec8fd83a575a2d00ab1ef014700 Copying blob sha256:b431ed29c213c3983481ebac7a73e46bc4c57aa8a883d602b321fe3da5d3e187 Copying blob sha256:5e5160618fa108259918eb014b2a1d8c629e412b3fbab733b3775221a8e137ba Copying blob sha256:989e799e634906e94dc9a5ee2ee26fc92ad260522990f26e707861a5f52bf64e Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying config sha256:3bf768fec500cec6881c402f33e46481613624c304a4a58ab143e01c5227b4f9 Writing manifest to image destination [2026-05-10T19:23:29,646198691+00:00] End build pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | container step-push: [2026-05-10T19:23:29,903525624+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-05-10T19:23:36,724637157+00:00] Convert image [2026-05-10T19:23:36,725623306+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:gh-test-custom-branch-ihleeg-on-push-75m4v-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 docker://quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:gh-test-custom-branch-ihleeg-on-push-75m4v-build-container Getting image source signatures Copying blob sha256:b431ed29c213c3983481ebac7a73e46bc4c57aa8a883d602b321fe3da5d3e187 Copying blob sha256:989e799e634906e94dc9a5ee2ee26fc92ad260522990f26e707861a5f52bf64e Copying blob sha256:5e5160618fa108259918eb014b2a1d8c629e412b3fbab733b3775221a8e137ba Copying blob sha256:1fa0e399be1c634b135f5cd84b05f8d919547ec8fd83a575a2d00ab1ef014700 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying config sha256:3bf768fec500cec6881c402f33e46481613624c304a4a58ab143e01c5227b4f9 Writing manifest to image destination [2026-05-10T19:24:16,364865479+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /var/workdir/image-digest quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 docker://quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 Getting image source signatures Copying blob sha256:1fa0e399be1c634b135f5cd84b05f8d919547ec8fd83a575a2d00ab1ef014700 Copying blob sha256:989e799e634906e94dc9a5ee2ee26fc92ad260522990f26e707861a5f52bf64e Copying blob sha256:5e5160618fa108259918eb014b2a1d8c629e412b3fbab733b3775221a8e137ba Copying blob sha256:b431ed29c213c3983481ebac7a73e46bc4c57aa8a883d602b321fe3da5d3e187 Copying blob sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef Copying config sha256:3bf768fec500cec6881c402f33e46481613624c304a4a58ab143e01c5227b4f9 Writing manifest to image destination sha256:b0541c4b22a17b83805bb07463e6c5b6ccd3b048a2fc1f99c1ae47157d6d2a5bquay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1 [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-05-10T19:24:19,109458382+00:00] End push pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | container step-sbom-syft-generate: [2026-05-10T19:24:20,149090995+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-05-10T19:24:23,566660185+00:00] End sbom-syft-generate pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | container step-prepare-sboms: [2026-05-10T19:24:24,201548957+00:00] Prepare SBOM [2026-05-10T19:24:24,220784493+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-05-10 19:24:35,127 [INFO] mobster.log: Logging level set to 20 2026-05-10 19:24:35,719 [INFO] mobster.oci: Fetching manifest for quay.io/jitesoft/nginx@sha256:b6f74d18d53ff23b0aa833041c9515de914f4c0e7498ffd566862033cd9b9289 2026-05-10 19:24:37,700 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:38,413 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:39,998 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:40,707 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:42,279 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:43,030 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:44,581 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:45,282 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/jitesoft/nginx@sha256:4d7226dc64d77bdb639adb0138c7bf9b01e85bb72175bdd3d0f97f56f335cfe2 with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-05-10 19:24:46,455 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-05-10 19:24:46,456 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-05-10 19:24:46,456 [INFO] mobster.log: Contextual workflow completed in 10.83s 2026-05-10 19:24:46,465 [INFO] mobster.main: Exiting with code 0. [2026-05-10T19:24:47,222915612+00:00] End prepare-sboms pod: gh-test-custom-branch-ihleeg-on-push-75m4v-build-container-pod | container step-upload-sbom: [2026-05-10T19:24:52,635802041+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1@sha256:b0541c4b22a17b83805bb07463e6c5b6ccd3b048a2fc1f99c1ae47157d6d2a5b WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key '. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg@sha256:b0541c4b22a17b83805bb07463e6c5b6ccd3b048a2fc1f99c1ae47157d6d2a5b] to [quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:sha256-b0541c4b22a17b83805bb07463e6c5b6ccd3b048a2fc1f99c1ae47157d6d2a5b.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg@sha256:e329201360b6b7c37328dfdec4fad5dadd3f231fe6affe7e5406cc0f094c561e [2026-05-10T19:25:19,432930570+00:00] End upload-sbom pod: gh-test-custom-branch-ihleeg-on-push-75m4v-clone-repository-pod | init container: prepare 2026/05/10 19:22:07 Entrypoint initialization pod: gh-test-custom-branch-ihleeg-on-push-75m4v-clone-repository-pod | init container: place-scripts 2026/05/10 19:22:08 Decoded script /tekton/scripts/script-0-rkmz5 2026/05/10 19:22:08 Decoded script /tekton/scripts/script-1-jvq89 pod: gh-test-custom-branch-ihleeg-on-push-75m4v-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1778440930.1655872,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1778440930.488843,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-cvfgyb @ d9e57494a9c295c733d99c0c3c854f17d4b9afa1 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1778440930.4888904,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1778440930.51289,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision d9e57494a9c295c733d99c0c3c854f17d4b9afa1 directly. pod: gh-test-custom-branch-ihleeg-on-push-75m4v-clone-repository-pod | container step-symlink-check: Running symlink check pod: gh-test-custom-branch-ihleeg-on-push-75m4v-clone-repository-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:38e1ddc9408874e5be313f1a82bfaa3d804a6f8b0ccd575a06e21076718484dd) Using token for quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg Executing: oras push --registry-config /tmp/create-oci.sh.qOuzG6/auth-wbg9Ng.json quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1.git SOURCE_ARTIFACT Uploading 38e1ddc94088 SOURCE_ARTIFACT Uploaded 38e1ddc94088 SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-poyd/gh-test-custom-branch-ihleeg:d9e57494a9c295c733d99c0c3c854f17d4b9afa1.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:1d87e82695674d0a016382766677f1472e8d456eebcc161d614b2def601c6ad1 Artifacts created pod: gh-test-custom-branch-ihleeg-on-push-75m4v-init-pod | init container: prepare 2026/05/10 19:21:57 Entrypoint initialization pod: gh-test-custom-branch-ihleeg-on-push-75m4v-init-pod | container step-init: time="2026-05-10T19:22:04Z" level=info msg="[param] enable: false" time="2026-05-10T19:22:04Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-05-10T19:22:04Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-05-10T19:22:04Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-05-10T19:22:04Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-05-10T19:22:04Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-05-10T19:22:04Z" level=info msg="Cache proxy is disabled via param" time="2026-05-10T19:22:04Z" level=info msg="[result] HTTP PROXY: " time="2026-05-10T19:22:04Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf found after retrigger for component build-e2e-poyd/gh-test-custom-branch-ihleeg PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf found for Component build-e2e-poyd/gh-test-custom-branch-ihleeg PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Running PipelineRun gh-test-custom-branch-ihleeg-on-push-swgbf reason: Completed << Timeline ------------------------------ • [0.293 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged does not have expiration set [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:545 ------------------------------ • [938.033 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace the PipelineRun should eventually finish successfully for component python-component-exaywd [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:159 Timeline >> PipelineRun python-component-exaywd-on-pull-request-9j8wp found for Component build-e2e-swpn/python-component-exaywd PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: ResolvingTaskRef PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: ResolvingTaskRef PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Running PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: PipelineRunStopping PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: PipelineRunStopping PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: PipelineRunStopping PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: PipelineRunStopping PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: PipelineRunStopping PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: PipelineRunStopping PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: PipelineRunStopping PipelineRun python-component-exaywd-on-pull-request-9j8wp reason: Failed attempt 1/3: PipelineRun "python-component-exaywd-on-pull-request-9j8wp" failed: pod: python-component-exaywd-on-14775ab6b33230fc1f5ab6f5e6e84b46-pod | init container: prepare 2026/05/10 19:23:08 Entrypoint initialization pod: python-component-exaywd-on-14775ab6b33230fc1f5ab6f5e6e84b46-pod | init container: place-scripts 2026/05/10 19:23:21 Decoded script /tekton/scripts/script-0-sm9t8 2026/05/10 19:23:21 Decoded script /tekton/scripts/script-1-j224c 2026/05/10 19:23:21 Decoded script /tekton/scripts/script-2-b4gml pod: python-component-exaywd-on-14775ab6b33230fc1f5ab6f5e6e84b46-pod | container step-build: [2026-05-10T19:23:31,623610714+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-05-10T19:23:36Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1" time="2026-05-10T19:23:36Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082]" time="2026-05-10T19:23:36Z" level=info msg="[param] buildah-format: docker" time="2026-05-10T19:23:36Z" level=info msg="[param] always-build-index: false" time="2026-05-10T19:23:36Z" level=info msg="[param] additional-tags: [python-component-exaywd-on-pull-request-9j8wp-build-image-index]" time="2026-05-10T19:23:36Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-05-10T19:23:36Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-05-10T19:23:36Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-05-10T19:23:36Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-05-10T19:23:36Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-05-10T19:23:36Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1" time="2026-05-10T19:23:39Z" level=info msg="buildah [stdout] 1092add63afea3413e13c8396c4d5aaae3eee60547cf8bd86f56626015c410b2" logger=CliExecutor time="2026-05-10T19:23:39Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082","image_url":"quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082","images":"quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082"} pod: python-component-exaywd-on-14775ab6b33230fc1f5ab6f5e6e84b46-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: python-component-exaywd-on-14775ab6b33230fc1f5ab6f5e6e84b46-pod | container step-upload-sbom: [2026-05-10T19:23:40,034106061+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: python-component-exaywd-on-336a62e6b82897542812fd7460c75364-pod | init container: prepare 2026/05/10 19:25:35 Entrypoint initialization pod: python-component-exaywd-on-336a62e6b82897542812fd7460c75364-pod | init container: place-scripts 2026/05/10 19:30:30 Decoded script /tekton/scripts/script-1-ztv7h 2026/05/10 19:30:30 Decoded script /tekton/scripts/script-2-fgvsc pod: python-component-exaywd-on-336a62e6b82897542812fd7460c75364-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Executing: oras blob fetch --registry-config /tmp/use-oci.sh.jXlVvV/auth-RljErg.json quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:f68c2ad3db7d9c2adab459409d0e8383006fc54a7824ad6ccc504c037be2d502 --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:f68c2ad3db7d9c2adab459409d0e8383006fc54a7824ad6ccc504c037be2d502 to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: python-component-exaywd-on-336a62e6b82897542812fd7460c75364-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: python-component-exaywd INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2026-05-10T19:30:37+00:00","note":"Task sast-snyk-check-oci-ta skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: python-component-exaywd-on-336a62e6b82897542812fd7460c75364-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | init container: prepare 2026/05/10 19:21:20 Entrypoint initialization pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | init container: place-scripts 2026/05/10 19:21:23 Decoded script /tekton/scripts/script-1-tdq56 2026/05/10 19:21:23 Decoded script /tekton/scripts/script-2-8dzjd 2026/05/10 19:21:23 Decoded script /tekton/scripts/script-3-6xbzh 2026/05/10 19:21:23 Decoded script /tekton/scripts/script-4-9zd7n 2026/05/10 19:21:23 Decoded script /tekton/scripts/script-5-bqj28 pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Executing: oras blob fetch --registry-config /tmp/use-oci.sh.9r3kUi/auth-lQ9QQE.json quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:f68c2ad3db7d9c2adab459409d0e8383006fc54a7824ad6ccc504c037be2d502 --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:f68c2ad3db7d9c2adab459409d0e8383006fc54a7824ad6ccc504c037be2d502 to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | container step-build: [2026-05-10T19:21:28,769738939+00:00] Validate context path [2026-05-10T19:21:28,773120861+00:00] Update CA trust [2026-05-10T19:21:28,774173602+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-05-10T19:21:30,961807917+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-05-10T19:21:30,969317211+00:00] Prepare system (architecture: x86_64) [2026-05-10T19:21:30,986047430+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi9/python-312-minimal:9.7-1777392261... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1 Copying blob sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186 Copying config sha256:7deab7336ecc64e21c0ac1da4d7eccb836d77efe5f446769d0a7d0ea4383930d Writing manifest to image destination Storing signatures [2026-05-10T19:21:38,679155823+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-05-10T19:21:30Z", "com.redhat.component": "python-312-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream", "description": "Python 3.12 available as container is a base platform for building and running various Python 3.12 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.buildpacks.stack.id": "com.redhat.stacks.ubi9-python-312-minimal", "io.k8s.description": "Python 3.12 available as container is a base platform for building and running various Python 3.12 applications and frameworks. Python is an easy to learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms.", "io.k8s.display-name": "Python 3.12", "io.openshift.expose-services": "8080:http", "io.openshift.tags": "builder,python,python312,python-312,rh-python312", "maintainer": "SoftwareCollections.org ", "name": "ubi9/python-312-minimal", "org.opencontainers.image.created": "2026-05-10T19:21:30Z", "org.opencontainers.image.revision": "debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1", "release": "1777392261", "summary": "Minimal platform for building and running Python 3.12 applications", "url": "https://catalog.redhat.com/en/search?searchType=containers", "usage": "s2i build https://github.com/sclorg/s2i-python-container.git --context-dir=3.12-minimal/test/setup-test-app/ ubi9/python-312-minimal python-sample-app", "vcs-ref": "debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "9.7", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component", "quay.expires-after": "5d" } [2026-05-10T19:21:38,719865060+00:00] Register sub-man Adding the entitlement to the build [2026-05-10T19:21:38,722990072+00:00] Add secrets [2026-05-10T19:21:38,737996663+00:00] Run buildah build [2026-05-10T19:21:38,739077728+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 --label org.opencontainers.image.revision=debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-05-10T19:21:30Z --label org.opencontainers.image.created=2026-05-10T19:21:30Z --annotation org.opencontainers.image.revision=debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-05-10T19:21:30Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.arXC2P -t quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 . STEP 1/10: FROM registry.access.redhat.com/ubi9/python-312-minimal:9.7-1777392261 STEP 2/10: EXPOSE 8081/tcp STEP 3/10: ENV FLASK_PORT=8081 STEP 4/10: WORKDIR /projects STEP 5/10: COPY . . STEP 6/10: RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; elif [ `ls -1q *.txt | wc -l` == 1 ]; then pip install -r *.txt; fi Collecting Flask==2.3.3 (from -r requirements.txt (line 1)) Downloading flask-2.3.3-py3-none-any.whl.metadata (3.6 kB) Collecting Werkzeug>=2.3.7 (from Flask==2.3.3->-r requirements.txt (line 1)) Downloading werkzeug-3.1.8-py3-none-any.whl.metadata (4.0 kB) Collecting Jinja2>=3.1.2 (from Flask==2.3.3->-r requirements.txt (line 1)) Downloading jinja2-3.1.6-py3-none-any.whl.metadata (2.9 kB) Collecting itsdangerous>=2.1.2 (from Flask==2.3.3->-r requirements.txt (line 1)) Downloading itsdangerous-2.2.0-py3-none-any.whl.metadata (1.9 kB) Collecting click>=8.1.3 (from Flask==2.3.3->-r requirements.txt (line 1)) Downloading click-8.3.3-py3-none-any.whl.metadata (2.6 kB) Collecting blinker>=1.6.2 (from Flask==2.3.3->-r requirements.txt (line 1)) Downloading blinker-1.9.0-py3-none-any.whl.metadata (1.6 kB) Collecting MarkupSafe>=2.0 (from Jinja2>=3.1.2->Flask==2.3.3->-r requirements.txt (line 1)) Downloading markupsafe-3.0.3-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (2.7 kB) Downloading flask-2.3.3-py3-none-any.whl (96 kB) Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB) Downloading click-8.3.3-py3-none-any.whl (110 kB) Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB) Downloading markupsafe-3.0.3-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (22 kB) Installing collected packages: MarkupSafe, itsdangerous, click, blinker, Werkzeug, Jinja2, Flask Successfully installed Flask-2.3.3 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.8 blinker-1.9.0 click-8.3.3 itsdangerous-2.2.0 [notice] A new release of pip is available: 24.2 -> 26.1.1 [notice] To update, run: pip install --upgrade pip STEP 7/10: CMD [ "python", "./app.py" ] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json STEP 9/10: COPY labels.json /root/buildinfo/labels.json STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1" "org.opencontainers.image.revision"="debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-05-10T19:21:30Z" "org.opencontainers.image.created"="2026-05-10T19:21:30Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 --> bf777ce59da0 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 bf777ce59da077c70dbc359ae8274f6eba4b220e4c81b8538a2270de2a619dc7 [2026-05-10T19:21:41,345346685+00:00] Unsetting proxy [2026-05-10T19:21:41,346679591+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi9/python-312-minimal:9.7-1777392261 registry.access.redhat.com/ubi9/python-312-minimal:9.7-1777392261@sha256:3748c2b2908ade249fc7197f3d357562e18adeb37ce15621bda818fc7e8c0582 Getting image source signatures Copying blob sha256:9eb4322b3f54f49b06c2045eff45a55883af6d824efaae23de542dc093b9da88 Copying blob sha256:bb24329e281c372fcdf5da3e7b9c0c4615f87f560e91f3e951c851fcaf595968 Copying blob sha256:73dd5047f87493ec5a883a7efcc591fcf9fd17284490e83ae258105607396e34 Copying config sha256:bf777ce59da077c70dbc359ae8274f6eba4b220e4c81b8538a2270de2a619dc7 Writing manifest to image destination [2026-05-10T19:21:42,145272268+00:00] End build pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | container step-push: [2026-05-10T19:21:42,904537143+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-05-10T19:21:47,431687507+00:00] Convert image [2026-05-10T19:21:47,432903929+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:python-component-exaywd-on-pull-request-9j8wp-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 docker://quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:python-component-exaywd-on-pull-request-9j8wp-build-container Getting image source signatures Copying blob sha256:9eb4322b3f54f49b06c2045eff45a55883af6d824efaae23de542dc093b9da88 Copying blob sha256:73dd5047f87493ec5a883a7efcc591fcf9fd17284490e83ae258105607396e34 Copying blob sha256:bb24329e281c372fcdf5da3e7b9c0c4615f87f560e91f3e951c851fcaf595968 Copying config sha256:bf777ce59da077c70dbc359ae8274f6eba4b220e4c81b8538a2270de2a619dc7 Writing manifest to image destination [2026-05-10T19:22:09,373633140+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /var/workdir/image-digest quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 docker://quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 Getting image source signatures Copying blob sha256:9eb4322b3f54f49b06c2045eff45a55883af6d824efaae23de542dc093b9da88 Copying blob sha256:73dd5047f87493ec5a883a7efcc591fcf9fd17284490e83ae258105607396e34 Copying blob sha256:bb24329e281c372fcdf5da3e7b9c0c4615f87f560e91f3e951c851fcaf595968 Copying config sha256:bf777ce59da077c70dbc359ae8274f6eba4b220e4c81b8538a2270de2a619dc7 Writing manifest to image destination sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-05-10T19:22:10,846115497+00:00] End push pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | container step-sbom-syft-generate: [2026-05-10T19:22:11,255667646+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-05-10T19:22:15,483622027+00:00] End sbom-syft-generate pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | container step-prepare-sboms: [2026-05-10T19:22:15,800615865+00:00] Prepare SBOM [2026-05-10T19:22:15,857503102+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-05-10 19:22:25,560 [INFO] mobster.log: Logging level set to 20 2026-05-10 19:22:26,160 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi9/python-312-minimal@sha256:3748c2b2908ade249fc7197f3d357562e18adeb37ce15621bda818fc7e8c0582 2026-05-10 19:22:28,007 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual workflow will be used. Parent SBOM used for contextualization: https://konflux-ci.dev/spdxdocs/quay.io/redhat-user-workloads/osci-rhel-containers-tenant/rhel-9-7/python-312-minimal-9-7@sha256:5d4123bf22aea9d5e71cf448f0302b79e7b47dec44709e85b40c1a0b3189ca94-1d4260fd-df09-42f5-995e-ee49605545ac 2026-05-10 19:22:28,162 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.logging: {"event_type": "contextual_sbom_matching_statistics", "parent_sbom_reference": "https://konflux-ci.dev/spdxdocs/quay.io/redhat-user-workloads/osci-rhel-containers-tenant/rhel-9-7/python-312-minimal-9-7@sha256:5d4123bf22aea9d5e71cf448f0302b79e7b47dec44709e85b40c1a0b3189ca94-1d4260fd-df09-42f5-995e-ee49605545ac", "component_sbom_reference": "https://konflux-ci.dev/spdxdocs/quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082-6efbfe83-fe3a-4b3d-a3de-0e292bb4b747", "component_packages": {"total": 126, "matched": 119, "unmatched_all": 7, "unmatched_component_only": 7, "unmatched_without_unique_id": 0}, "parent_packages": {"total": 136, "matched": 129, "unmatched_all": 7, "unmatched_removed_at_build": 7, "unmatched_without_unique_id": 0}, "match_methods": {"by_checksum": 0, "by_verification_code": 110, "by_purl": 9, "total": 119}, "match_origins": {"syft_to_syft": 119, "syft_to_hermeto": 0, "hermeto_to_syft": 0, "hermeto_to_hermeto": 0}, "duplicate_identifiers": {"checksums": {"count": 0, "details": []}, "verification_codes": {"count": 0, "details": []}, "purls": {"count": 0, "details": []}}} 2026-05-10 19:22:28,162 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-05-10 19:22:28,162 [INFO] mobster.log: Contextual workflow completed in 2.10s 2026-05-10 19:22:28,362 [INFO] mobster.main: Exiting with code 0. [2026-05-10T19:22:29,162934540+00:00] End prepare-sboms pod: python-component-exaywd-on-63258f3212af1a64ec57f06a57a4e00e-pod | container step-upload-sbom: [2026-05-10T19:22:29,290843647+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key '. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082] to [quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:sha256-d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:fbefb3e2dfaa5e29bc39b0a6e5bd797f9e06582f6f7ccdc04411f1c330ee9630 [2026-05-10T19:22:54,037195335+00:00] End upload-sbom pod: python-component-exaywd-on-a4d479df888e6a6919fcc9ec3cd296bf-pod | init container: prepare 2026/05/10 19:19:34 Entrypoint initialization pod: python-component-exaywd-on-a4d479df888e6a6919fcc9ec3cd296bf-pod | init container: place-scripts 2026/05/10 19:19:38 Decoded script /tekton/scripts/script-0-zt5ph 2026/05/10 19:19:38 Decoded script /tekton/scripts/script-1-9nk9t pod: python-component-exaywd-on-a4d479df888e6a6919fcc9ec3cd296bf-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1778440783.1594958,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1778440783.6309822,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/sample-multi-component @ debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1778440783.6310236,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1778440783.654188,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 directly. pod: python-component-exaywd-on-a4d479df888e6a6919fcc9ec3cd296bf-pod | container step-symlink-check: Running symlink check pod: python-component-exaywd-on-a4d479df888e6a6919fcc9ec3cd296bf-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:f68c2ad3db7d9c2adab459409d0e8383006fc54a7824ad6ccc504c037be2d502) Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Executing: oras push --annotation=quay.expires-after=5d --registry-config /tmp/create-oci.sh.I5PzN9/auth-8g149s.json quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1.git SOURCE_ARTIFACT Uploading f68c2ad3db7d SOURCE_ARTIFACT Uploaded f68c2ad3db7d SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:5acb8b4c5459bf073a54c3042d7161dc0c5e48651fdad6a5aab66547c6cc3429 Artifacts created pod: python-component-exaywd-on-c3cd810d4be22f23906921d1adfc515d-pod | init container: prepare 2026/05/10 19:25:34 Entrypoint initialization pod: python-component-exaywd-on-c3cd810d4be22f23906921d1adfc515d-pod | init container: place-scripts 2026/05/10 19:30:26 Decoded script /tekton/scripts/script-1-4vmrj 2026/05/10 19:30:26 Decoded script /tekton/scripts/script-2-9hrhd pod: python-component-exaywd-on-c3cd810d4be22f23906921d1adfc515d-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Executing: oras blob fetch --registry-config /tmp/use-oci.sh.mE7NxE/auth-ZCfz6L.json quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:f68c2ad3db7d9c2adab459409d0e8383006fc54a7824ad6ccc504c037be2d502 --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:f68c2ad3db7d9c2adab459409d0e8383006fc54a7824ad6ccc504c037be2d502 to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: python-component-exaywd-on-c3cd810d4be22f23906921d1adfc515d-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index INFO: The PROJECT_NAME used is: python-component-exaywd INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=python-component-exaywd + echo 'INFO: The PROJECT_NAME used is: python-component-exaywd' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/var/workdir/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/var/workdir/source/. ++ realpath -m /var/workdir/source/. + resolved_path=/var/workdir/source + [[ /var/workdir/source == \/\v\a\r\/\w\o\r\k\d\i\r\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + /usr/share/csmock/scripts/run-shellcheck.sh /var/workdir/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/var/workdir/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-117.json ./shellcheck-results/sc-130.json ./shellcheck-results/sc-131.json ./shellcheck-results/sc-133.json ./shellcheck-results/sc-84.json ./shellcheck-results/sc-87.json ./shellcheck-results/sc-88.json ./shellcheck-results/sc-91.json ./shellcheck-results/sc-95.json ./shellcheck-results/sc-97.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered ShellCheck results have been saved to shellcheck-results.json + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + TEST_OUTPUT= + parse_test_output sast-shell-check-oci-ta sarif shellcheck-results.sarif + TEST_NAME=sast-shell-check-oci-ta + TEST_RESULT_FORMAT=sarif + TEST_RESULT_FILE=shellcheck-results.sarif + '[' -z sast-shell-check-oci-ta ']' + '[' -z sarif ']' + '[' -z shellcheck-results.sarif ']' + '[' '!' -f shellcheck-results.sarif ']' + '[' sarif = sarif ']' +++ jq -rce '(if (.runs[].results | length > 0) then "FAILURE" else "SUCCESS" end)' shellcheck-results.sarif +++ jq -rce '(.runs[].results | length)' shellcheck-results.sarif ++ make_result_json -r SUCCESS -f 0 ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ FAILURES=0 ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-05-10T19:30:31+00:00 --arg result SUCCESS --arg note 'For details, check Tekton task log.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-05-10T19:30:31+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-05-10T19:30:31+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2026-05-10T19:30:31+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-05-10T19:30:31+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ jq .failures + '[' 0 -gt 0 ']' + echo '{"result":"SUCCESS","timestamp":"2026-05-10T19:30:31+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-05-10T19:30:31+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: python-component-exaywd-on-c3cd810d4be22f23906921d1adfc515d-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Attaching to quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading da808faebf6f shellcheck-results.sarif Uploaded da808faebf6f shellcheck-results.sarif Uploading 1883423bb24e application/vnd.oci.image.manifest.v1+json Uploaded 1883423bb24e application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 Digest: sha256:1883423bb24ec8a47e36d2fd34ef71d5e38f7a6f9537a260b8ba67c4e01bf44b No excluded-findings.json exists. Skipping upload. pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | init container: prepare 2026/05/10 19:25:37 Entrypoint initialization pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | init container: place-scripts 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-0-65nrh 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-1-k629t 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-2-z6m8l 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-3-22wxz 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-4-gkfmc 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-5-69xhl pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 The media type of the OCI artifact is application/vnd.docker.distribution.manifest.v2+json. Looking for image labels that indicate this might be an operator bundle... [retry] executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Auth json written to "/auth/auth.json". pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | container step-set-skip-for-bundles: 2026/05/10 19:30:35 INFO Step was skipped due to when expressions were evaluated to false. pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | container step-app-check: time="2026-05-10T19:30:35Z" level=info msg="certification library version" version="1.17.2 " time="2026-05-10T19:30:36Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 for platform amd64" time="2026-05-10T19:30:36Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1" time="2026-05-10T19:30:41Z" level=info msg="warning: licenses directory does not exist or all of its children are empty directories: error when checking for /licenses: stat /tmp/preflight-401385716/fs/licenses: no such file or directory" check=HasLicense time="2026-05-10T19:30:41Z" level=info msg="check completed" check=HasLicense result=FAILED time="2026-05-10T19:30:41Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2026-05-10T19:30:41Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2026-05-10T19:30:41Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2026-05-10T19:30:41Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2026-05-10T19:30:41Z" level=info msg="USER 1001 specified that is non-root" check=RunAsNonRoot time="2026-05-10T19:30:41Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2026-05-10T19:30:44Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2026-05-10T19:30:45Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2026-05-10T19:30:45Z" level=info msg="This image's tag on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 will be paired with digest sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." time="2026-05-10T19:30:45Z" level=info msg="Preflight result: FAILED" { "image": "quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.17.2", "commit": "eb87e5b2d67ad110a0afe8edfb16f445e0877c4e" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 35, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 3474, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 1115, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | container step-app-set-outcome: [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 {"result":"FAILURE","timestamp":"1778441445","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: python-component-exaywd-on-dec49121b57e80d4599df1d7974641c4-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1778441445","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: python-component-exaywd-on-pull-request-9j8wp-clair-scan-pod | init container: prepare 2026/05/10 19:25:34 Entrypoint initialization pod: python-component-exaywd-on-pull-request-9j8wp-clair-scan-pod | init container: place-scripts 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-0-j5c2j 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-1-cbglv 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-2-qblnx 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-3-cdczg pod: python-component-exaywd-on-pull-request-9j8wp-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082. pod: python-component-exaywd-on-pull-request-9j8wp-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... 2026-05-10T19:30:38Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"}] 2026-05-10T19:30:38Z INF libvuln initialized component=libvuln/New 2026-05-10T19:30:39Z INF registered configured scanners component=libindex/New 2026-05-10T19:30:39Z INF NewLayerScanner: constructing a new layer-scanner component=indexer.NewLayerScanner 2026-05-10T19:30:39Z INF index request start component=libindex/Libindex.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 2026-05-10T19:30:39Z INF starting scan component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 2026-05-10T19:30:39Z INF manifest to be scanned component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=CheckManifest 2026-05-10T19:30:39Z INF layers fetch start component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=FetchLayers 2026-05-10T19:30:40Z INF layers fetch success component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=FetchLayers 2026-05-10T19:30:40Z INF layers fetch done component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=FetchLayers 2026-05-10T19:30:40Z INF layers scan start component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=ScanLayers 2026-05-10T19:30:41Z INF layers scan done component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=ScanLayers 2026-05-10T19:30:41Z INF starting index manifest component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=IndexManifest 2026-05-10T19:30:41Z INF finishing scan component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=IndexFinished 2026-05-10T19:30:41Z INF manifest successfully scanned component=indexer/controller/Controller.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 state=IndexFinished 2026-05-10T19:30:41Z INF index request done component=libindex/Libindex.Index manifest=sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 { "manifest_hash": "sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082", "packages": { "+A7/nzEXX3Q/xJZ50VMnlQ==": { "id": "+A7/nzEXX3Q/xJZ50VMnlQ==", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.3.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+ELGclZlzVhkDoWJwZc9OA==": { "id": "+ELGclZlzVhkDoWJwZc9OA==", "name": "libtirpc", "version": "1.3.3-9.el9", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.3.3-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+X1MdmtPTbyDb/wq7joJhA==": { "id": "+X1MdmtPTbyDb/wq7joJhA==", "name": "libtool-ltdl", "version": "2.4.6-46.el9", "kind": "binary", "source": { "id": "", "name": "libtool", "version": "2.4.6-46.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+bwl6UbMaWOBWdHNekJsEw==": { "id": "+bwl6UbMaWOBWdHNekJsEw==", "name": "coreutils-single", "version": "8.32-39.el9", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.32-39.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/+/PY3KkxApkx/Pn1Bzjkg==": { "id": "/+/PY3KkxApkx/Pn1Bzjkg==", "name": "mpdecimal", "version": "2.5.1-3.el9", "kind": "binary", "source": { "id": "", "name": "mpdecimal", "version": "2.5.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/L1kFEoHZTukrNTCQLypFQ==": { "id": "/L1kFEoHZTukrNTCQLypFQ==", "name": "xz-libs", "version": "5.2.5-8.el9_0", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.5-8.el9_0", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/O7rOBo1qRMFm3q3Kf3mEw==": { "id": "/O7rOBo1qRMFm3q3Kf3mEw==", "name": "libselinux", "version": "3.6-3.el9", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "3.6-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/THiuz93dsCZJETS3A4Xtw==": { "id": "/THiuz93dsCZJETS3A4Xtw==", "name": "libcom_err", "version": "1.46.5-8.el9", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.5-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/h/TBQhfoSMCmey5oN87jA==": { "id": "/h/TBQhfoSMCmey5oN87jA==", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.24-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "09r8DbZFJmI1tQW/a+ZlWQ==": { "id": "09r8DbZFJmI1tQW/a+ZlWQ==", "name": "shadow-utils", "version": "2:4.9-15.el9", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.9-15.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "1atoBfoH0mJ0bCpetQ7/0g==": { "id": "1atoBfoH0mJ0bCpetQ7/0g==", "name": "file-libs", "version": "5.39-16.el9", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.39-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "1jyJPCL93kiEbfmNKeyz3g==": { "id": "1jyJPCL93kiEbfmNKeyz3g==", "name": "jinja2", "version": "3.1.6", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.1.6.0.0.0.0.0.0", "cpe": "" }, "1p1wTPVFlokLdC9/X3ksGg==": { "id": "1p1wTPVFlokLdC9/X3ksGg==", "name": "expat", "version": "2.5.0-5.el9_7.1", "kind": "binary", "source": { "id": "", "name": "expat", "version": "2.5.0-5.el9_7.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "2gCbp4kt+cF44NF/LqukDg==": { "id": "2gCbp4kt+cF44NF/LqukDg==", "name": "pcre2-syntax", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "2zIvfSXFI57wQ4jcmb8tGg==": { "id": "2zIvfSXFI57wQ4jcmb8tGg==", "name": "pip", "version": "24.2", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.24.2.0.0.0.0.0.0.0", "cpe": "" }, "3mTZJuBPmze8Mqh3+zXYpw==": { "id": "3mTZJuBPmze8Mqh3+zXYpw==", "name": "krb5-libs", "version": "1.21.1-9.el9_7", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.21.1-9.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5+tHFkkNi+1rUDSrmgYdkw==": { "id": "5+tHFkkNi+1rUDSrmgYdkw==", "name": "p11-kit-trust", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5JAFUJWmy04+T6x2oJw2jg==": { "id": "5JAFUJWmy04+T6x2oJw2jg==", "name": "libxml2", "version": "2.9.13-14.el9_7", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.13-14.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6xFsD1GCB9M7XKw2YxlsRw==": { "id": "6xFsD1GCB9M7XKw2YxlsRw==", "name": "glibc-minimal-langpack", "version": "2.34-231.el9_7.10", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-231.el9_7.10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "71E7ojyMFQ1Uwy0VMr2WLg==": { "id": "71E7ojyMFQ1Uwy0VMr2WLg==", "name": "rpm", "version": "4.16.1.3-39.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-39.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7Cq0DQlwuYF2l/vIiUyjig==": { "id": "7Cq0DQlwuYF2l/vIiUyjig==", "name": "libdnf", "version": "0.69.0-17.el9_7", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.69.0-17.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7cpIREEQnkaI7dbmWgmrvg==": { "id": "7cpIREEQnkaI7dbmWgmrvg==", "name": "gdbm-libs", "version": "1:1.23-1.el9", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.23-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7mDaaxs3ev+uNEDYC97U3Q==": { "id": "7mDaaxs3ev+uNEDYC97U3Q==", "name": "zlib", "version": "1.2.11-40.el9", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-40.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7vssDPaHKfFKMLimKBo7Gw==": { "id": "7vssDPaHKfFKMLimKBo7Gw==", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "binary", "source": { "id": "", "name": "libpeas", "version": "1.30.0-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "8uME+PFu6p/OAD7q+ZTVLw==": { "id": "8uME+PFu6p/OAD7q+ZTVLw==", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.25.3-3.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9olIUlLHZMdoUMju+8diyQ==": { "id": "9olIUlLHZMdoUMju+8diyQ==", "name": "filesystem", "version": "3.16-5.el9", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.16-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ALpVm/ZRAM5oVFWlG75uhA==": { "id": "ALpVm/ZRAM5oVFWlG75uhA==", "name": "tzdata", "version": "2026a-1.el9", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2026a-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "AYWPcXxdUay0d/qxFjyxxA==": { "id": "AYWPcXxdUay0d/qxFjyxxA==", "name": "libarchive", "version": "3.5.3-9.el9_7", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.5.3-9.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BQhiFmX4hLYteW4oRCLTSA==": { "id": "BQhiFmX4hLYteW4oRCLTSA==", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.5-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BRLVvSCW1qZQlEQR2x48fQ==": { "id": "BRLVvSCW1qZQlEQR2x48fQ==", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.68.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "CS6z0/SKwjMOr6VBFQ1+lw==": { "id": "CS6z0/SKwjMOr6VBFQ1+lw==", "name": "findutils", "version": "1:4.8.0-7.el9", "kind": "binary", "source": { "id": "", "name": "findutils", "version": "4.8.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ClKGxv1WoEy4xOcXN5Rq9A==": { "id": "ClKGxv1WoEy4xOcXN5Rq9A==", "name": "glibc-langpack-en", "version": "2.34-231.el9_7.10", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-231.el9_7.10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DVT5EsNYhhc4TADNn+PvwA==": { "id": "DVT5EsNYhhc4TADNn+PvwA==", "name": "rootfiles", "version": "8.1-35.el9", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-35.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "DY5Co0gkGtbgwDlkjfJLWA==": { "id": "DY5Co0gkGtbgwDlkjfJLWA==", "name": "markupsafe", "version": "3.0.3", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.0.3.0.0.0.0.0.0", "cpe": "" }, "DrLq8qfU1bfE8o8AfdvkrQ==": { "id": "DrLq8qfU1bfE8o8AfdvkrQ==", "name": "libverto", "version": "0.3.2-3.el9", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.2-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "EjrCko4EN35q3gOrHdIWjw==": { "id": "EjrCko4EN35q3gOrHdIWjw==", "name": "rpm-libs", "version": "4.16.1.3-39.el9", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.16.1.3-39.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Esfj4A6yCPG0aR5IhgHmUg==": { "id": "Esfj4A6yCPG0aR5IhgHmUg==", "name": "libgcc", "version": "11.5.0-11.el9", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "G61ZL2SOHR2qgvQfi118gw==": { "id": "G61ZL2SOHR2qgvQfi118gw==", "name": "dejavu-sans-fonts", "version": "2.37-18.el9", "kind": "binary", "source": { "id": "", "name": "dejavu-fonts", "version": "2.37-18.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "GJbaWmnnmSb6F31bTeHB5g==": { "id": "GJbaWmnnmSb6F31bTeHB5g==", "name": "libsmartcols", "version": "2.37.4-21.el9_7", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "GdLrcchvFseDsR7KOv0vSQ==": { "id": "GdLrcchvFseDsR7KOv0vSQ==", "name": "crypto-policies", "version": "20250905-1.git377cc42.el9_7", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20250905-1.git377cc42.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "HFwGHerHwgvY8vkjr3x1Pg==": { "id": "HFwGHerHwgvY8vkjr3x1Pg==", "name": "itsdangerous", "version": "2.2.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.2.2.0.0.0.0.0.0.0", "cpe": "" }, "HKlRsQZtXaa3HoNDv500tg==": { "id": "HKlRsQZtXaa3HoNDv500tg==", "name": "openssl-fips-provider-so", "version": "3.0.7-8.el9", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "HQdWvmyUSqtI3UTY0T4JiQ==": { "id": "HQdWvmyUSqtI3UTY0T4JiQ==", "name": "pcre", "version": "8.44-4.el9", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.44-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "I16VSEydeiRYB1TSf5694A==": { "id": "I16VSEydeiRYB1TSf5694A==", "name": "libreport-filesystem", "version": "2.15.2-6.el9", "kind": "binary", "source": { "id": "", "name": "libreport", "version": "2.15.2-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "JF/KXrYQKwPQyQXcXBUzkQ==": { "id": "JF/KXrYQKwPQyQXcXBUzkQ==", "name": "librepo", "version": "1.14.5-3.el9", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.5-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JKP7JzVg7UGaAz4VrH03lQ==": { "id": "JKP7JzVg7UGaAz4VrH03lQ==", "name": "langpacks-core-font-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "KF5C+zKu/uFB7knCqOvDAQ==": { "id": "KF5C+zKu/uFB7knCqOvDAQ==", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.6.6-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Lwqn0aweLQLZmo12VvYcog==": { "id": "Lwqn0aweLQLZmo12VvYcog==", "name": "popt", "version": "1.18-8.el9", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "MDH8Zt4oQWDiYk9qFV5Lbg==": { "id": "MDH8Zt4oQWDiYk9qFV5Lbg==", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.4.18-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "MV68i9xAWcgxaP9HrTHIhA==": { "id": "MV68i9xAWcgxaP9HrTHIhA==", "name": "libmount", "version": "2.37.4-21.el9_7", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Mta8K+tWCjAV6ERlLy6JNw==": { "id": "Mta8K+tWCjAV6ERlLy6JNw==", "name": "audit-libs", "version": "3.1.5-7.el9", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.1.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NSiprMdkK5/5pxuNNJOh2A==": { "id": "NSiprMdkK5/5pxuNNJOh2A==", "name": "openssl-fips-provider", "version": "3.0.7-8.el9", "kind": "binary", "source": { "id": "", "name": "openssl-fips-provider", "version": "3.0.7-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NdCY2/S+syamLH224R4hug==": { "id": "NdCY2/S+syamLH224R4hug==", "name": "langpacks-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "O6NCE8KkqNnnBGJrWxfPwA==": { "id": "O6NCE8KkqNnnBGJrWxfPwA==", "name": "libstdc++", "version": "11.5.0-11.el9", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "11.5.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OCIjbR16ktOEiFK36r0WNw==": { "id": "OCIjbR16ktOEiFK36r0WNw==", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.16.0-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "OgwdUybWl/HQYbnPTE4Psw==": { "id": "OgwdUybWl/HQYbnPTE4Psw==", "name": "npth", "version": "1.6-8.el9", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.6-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Ohssf0Jzlafd9vtrrUKCXg==": { "id": "Ohssf0Jzlafd9vtrrUKCXg==", "name": "bash", "version": "5.1.8-9.el9", "kind": "binary", "source": { "id": "", "name": "bash", "version": "5.1.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Om9zCJ/QZ+hnrEvj6fGw==": { "id": "P5Om9zCJ/QZ+hnrEvj6fGw==", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.10.0-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PIk2BBAWexCFofMi5q03RA==": { "id": "PIk2BBAWexCFofMi5q03RA==", "name": "pcre2", "version": "10.40-6.el9", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.40-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PZXvGa4khHd2n6o73hJ/Pg==": { "id": "PZXvGa4khHd2n6o73hJ/Pg==", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "binary", "source": { "id": "", "name": "microdnf", "version": "3.9.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RIdJTslNAIfH4yKbDsoK9Q==": { "id": "RIdJTslNAIfH4yKbDsoK9Q==", "name": "redhat-release", "version": "9.7-0.7.el9", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "9.7-0.7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RVoqRXLcdKU5LYfyLKdi3Q==": { "id": "RVoqRXLcdKU5LYfyLKdi3Q==", "name": "click", "version": "8.3.3", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.8.3.3.0.0.0.0.0.0", "cpe": "" }, "RXh3fimX8fGZeCt4chJEiA==": { "id": "RXh3fimX8fGZeCt4chJEiA==", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Rvi/ELF9npRUvy1j5xaf3A==": { "id": "Rvi/ELF9npRUvy1j5xaf3A==", "name": "python3.12-libs", "version": "3.12.12-4.el9_7.3", "kind": "binary", "source": { "id": "", "name": "python3.12", "version": "3.12.12-4.el9_7.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "S8p9UGak1oycptcpYp/1eg==": { "id": "S8p9UGak1oycptcpYp/1eg==", "name": "openldap", "version": "2.6.8-4.el9", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.6.8-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "SOGOh5KIF2bfd7hJS1cJnQ==": { "id": "SOGOh5KIF2bfd7hJS1cJnQ==", "name": "libnghttp2", "version": "1.43.0-6.el9_7.1", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.43.0-6.el9_7.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Su8bfW9ijc0V5CiAum2V1g==": { "id": "Su8bfW9ijc0V5CiAum2V1g==", "name": "bzip2-libs", "version": "1.0.8-10.el9_5", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.8-10.el9_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TPIRq84Pr3a6ywzPeCr3Pw==": { "id": "TPIRq84Pr3a6ywzPeCr3Pw==", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.8.2-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "To0NR+oyXDu1CYJfmVGurQ==": { "id": "To0NR+oyXDu1CYJfmVGurQ==", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.15.1-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TojrxyF1uOeAnm6ena/7rw==": { "id": "TojrxyF1uOeAnm6ena/7rw==", "name": "glibc", "version": "2.34-231.el9_7.10", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-231.el9_7.10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VMnz9P06lYzwRbSCeUuskg==": { "id": "VMnz9P06lYzwRbSCeUuskg==", "name": "python3.12", "version": "3.12.12-4.el9_7.3", "kind": "binary", "source": { "id": "", "name": "python3.12", "version": "3.12.12-4.el9_7.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VV2Z1ngTs6sGvt5SrayPCg==": { "id": "VV2Z1ngTs6sGvt5SrayPCg==", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.42-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VX9V+Y680L2xf2tBREdpCw==": { "id": "VX9V+Y680L2xf2tBREdpCw==", "name": "gmp", "version": "1:6.2.0-13.el9", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.2.0-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "W7uBqJb8l9AhSXjNg1JZQg==": { "id": "W7uBqJb8l9AhSXjNg1JZQg==", "name": "ncurses-libs", "version": "6.2-12.20210508.el9", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-12.20210508.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "WKZFJYHmPo5x9c8JUEnETA==": { "id": "WKZFJYHmPo5x9c8JUEnETA==", "name": "glib2", "version": "2.68.4-18.el9_7.1", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.68.4-18.el9_7.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "WVajSGKLGm8z6I23XYAhLQ==": { "id": "WVajSGKLGm8z6I23XYAhLQ==", "name": "cyrus-sasl-lib", "version": "2.1.27-22.el9", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-22.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XG5+bW8np2NedSy/od6z8Q==": { "id": "XG5+bW8np2NedSy/od6z8Q==", "name": "libacl", "version": "2.3.1-4.el9", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.3.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XIcr6HdP94Dud7DtFrfMZg==": { "id": "XIcr6HdP94Dud7DtFrfMZg==", "name": "libcap", "version": "2.48-10.el9", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-10.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XwbkaIGCYyq6BjBMVZ1wzw==": { "id": "XwbkaIGCYyq6BjBMVZ1wzw==", "name": "readline", "version": "8.1-4.el9", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "aVZ2bh2CbtumQqaoGUZ8hA==": { "id": "aVZ2bh2CbtumQqaoGUZ8hA==", "name": "libcurl-minimal", "version": "7.76.1-35.el9_7.3", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-35.el9_7.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "arLt5War9yeQ8auYn/Idmw==": { "id": "arLt5War9yeQ8auYn/Idmw==", "name": "nettle", "version": "3.10.1-1.el9", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.10.1-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bFvWffGqJWr7FWnI7K9NVw==": { "id": "bFvWffGqJWr7FWnI7K9NVw==", "name": "grep", "version": "3.6-5.el9", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.6-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bemGVBhbDe9iV1Kjvd9hAA==": { "id": "bemGVBhbDe9iV1Kjvd9hAA==", "name": "libffi", "version": "3.4.2-8.el9", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.4.2-8.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "cHSz9008xXk2HDIrSqWjiA==": { "id": "cHSz9008xXk2HDIrSqWjiA==", "name": "python3.12-pip-wheel", "version": "23.2.1-5.el9", "kind": "binary", "source": { "id": "", "name": "python3.12-pip", "version": "23.2.1-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "cUL70WdpVP2ZBKoevAxwyA==": { "id": "cUL70WdpVP2ZBKoevAxwyA==", "name": "gnutls", "version": "3.8.3-10.el9_7", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.8.3-10.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dC9CoYt17eaqinGSVCfCxw==": { "id": "dC9CoYt17eaqinGSVCfCxw==", "name": "libattr", "version": "2.5.1-3.el9", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.5.1-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "de44cUqF23LvU0fOSvNRjA==": { "id": "de44cUqF23LvU0fOSvNRjA==", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "binary", "source": { "id": "", "name": "libevent", "version": "2.1.12-8.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dpQG/pUwAqVv1OdQqnvylQ==": { "id": "dpQG/pUwAqVv1OdQqnvylQ==", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.13-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eRa7MZyiHBvsv7GPhkGKdg==": { "id": "eRa7MZyiHBvsv7GPhkGKdg==", "name": "lua-libs", "version": "5.4.4-4.el9", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.4.4-4.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "enagVWadN12gI5iPYugyvg==": { "id": "enagVWadN12gI5iPYugyvg==", "name": "gnupg2", "version": "2.3.3-5.el9_7", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.3.3-5.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ev4LjEwclLnf3ehIi3l8oA==": { "id": "ev4LjEwclLnf3ehIi3l8oA==", "name": "sqlite-libs", "version": "3.34.1-9.el9_7", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.34.1-9.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ewbqmzgK8Rzf739yT7IKUQ==": { "id": "ewbqmzgK8Rzf739yT7IKUQ==", "name": "ncurses-base", "version": "6.2-12.20210508.el9", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2-12.20210508.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f8lJd/yoDqE6O0RUQGqkpQ==": { "id": "f8lJd/yoDqE6O0RUQGqkpQ==", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.26-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gsKPriszRNKAqMnHK+dXgw==": { "id": "gsKPriszRNKAqMnHK+dXgw==", "name": "libksba", "version": "1.5.1-7.el9", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.5.1-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hYEisV19Dxn4PvCvxJFm5A==": { "id": "hYEisV19Dxn4PvCvxJFm5A==", "name": "lz4-libs", "version": "1.9.3-5.el9", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.9.3-5.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jAjaNW7NMGiv7HfByDu4RQ==": { "id": "jAjaNW7NMGiv7HfByDu4RQ==", "name": "alternatives", "version": "1.24-2.el9", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.24-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jxodkkAvUPklQOkQf5mRGQ==": { "id": "jxodkkAvUPklQOkQf5mRGQ==", "name": "openssl-libs", "version": "1:3.5.1-7.el9_7", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "3.5.1-7.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kFxhSjWy84mTZBM4XiZaeQ==": { "id": "kFxhSjWy84mTZBM4XiZaeQ==", "name": "setup", "version": "2.13.7-10.el9", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.13.7-10.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kaLLRnNrSxtvkSdcliuniA==": { "id": "kaLLRnNrSxtvkSdcliuniA==", "name": "curl-minimal", "version": "7.76.1-35.el9_7.3", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.76.1-35.el9_7.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kigiD4fuysu8/DeCr+ONKQ==": { "id": "kigiD4fuysu8/DeCr+ONKQ==", "name": "basesystem", "version": "11-13.el9", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-13.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "kp6BaioAZ30jbVeZkkzokA==": { "id": "kp6BaioAZ30jbVeZkkzokA==", "name": "libzstd", "version": "1.5.5-1.el9", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.5.5-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lbcitH3ttNejz+IVDee9kA==": { "id": "lbcitH3ttNejz+IVDee9kA==", "name": "dnf-data", "version": "4.14.0-31.el9", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.14.0-31.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "mEtFd+xMT095mIzRiir4ww==": { "id": "mEtFd+xMT095mIzRiir4ww==", "name": "glibc-common", "version": "2.34-231.el9_7.10", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.34-231.el9_7.10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mK/FUfODp3MR7WS2xegPsw==": { "id": "mK/FUfODp3MR7WS2xegPsw==", "name": "langpacks-core-en", "version": "3.0-16.el9", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "3.0-16.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "mPqGnMbiXN6jP61aGbHvOA==": { "id": "mPqGnMbiXN6jP61aGbHvOA==", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.2.5-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "qYSZ6aKFWol313IOGRXaug==": { "id": "qYSZ6aKFWol313IOGRXaug==", "name": "json-c", "version": "0.14-11.el9", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.14-11.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rCLp3m64Catai9VuHvh3Lw==": { "id": "rCLp3m64Catai9VuHvh3Lw==", "name": "keyutils-libs", "version": "1.6.3-1.el9", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.6.3-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rY/kE/V4JnxYoqV+lmc9mg==": { "id": "rY/kE/V4JnxYoqV+lmc9mg==", "name": "gawk", "version": "5.1.0-6.el9", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "5.1.0-6.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rd4/gPEUtK2p++ni1m1dDg==": { "id": "rd4/gPEUtK2p++ni1m1dDg==", "name": "libsepol", "version": "3.6-3.el9", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "3.6-3.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rlHYqOr0lkUB/Gs6b1kD2g==": { "id": "rlHYqOr0lkUB/Gs6b1kD2g==", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "4.1.0-7.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sKD1m/Tx9mlFSspWqkqwXA==": { "id": "sKD1m/Tx9mlFSspWqkqwXA==", "name": "flask", "version": "2.3.3", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.2.3.3.0.0.0.0.0.0", "cpe": "" }, "sXA/H9XX1FCBnut09ugTOw==": { "id": "sXA/H9XX1FCBnut09ugTOw==", "name": "nss_wrapper-libs", "version": "1.1.13-1.el9", "kind": "binary", "source": { "id": "", "name": "nss_wrapper", "version": "1.1.13-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ssPaV1VLDu6d5ZJ6Rrmh3A==": { "id": "ssPaV1VLDu6d5ZJ6Rrmh3A==", "name": "sed", "version": "4.8-9.el9", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.8-9.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sx0C6L5COHIkv6yQQyPlbw==": { "id": "sx0C6L5COHIkv6yQQyPlbw==", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.10-15.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "tRUHRfZm99qQXU83EzodXA==": { "id": "tRUHRfZm99qQXU83EzodXA==", "name": "systemd-libs", "version": "252-55.el9_7.8", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "252-55.el9_7.8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u5TyEoU5GA6Z2czzwhMLiA==": { "id": "u5TyEoU5GA6Z2czzwhMLiA==", "name": "fonts-filesystem", "version": "1:2.0.5-7.el9.1", "kind": "binary", "source": { "id": "", "name": "fonts-rpm-macros", "version": "2.0.5-7.el9.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "uRB+svwXXxpR9DkvUVmAUQ==": { "id": "uRB+svwXXxpR9DkvUVmAUQ==", "name": "werkzeug", "version": "3.1.8", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.1.8.0.0.0.0.0.0", "cpe": "" }, "wCA3gMNtInqX1xg18QcnQg==": { "id": "wCA3gMNtInqX1xg18QcnQg==", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2024.2.69_v8.0.303-91.4.el9_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wKkzDAoEH1CCGQWghKjKdA==": { "id": "wKkzDAoEH1CCGQWghKjKdA==", "name": "libuuid", "version": "2.37.4-21.el9_7", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "x4oijVhQU8BUwJwoFvk4QA==": { "id": "x4oijVhQU8BUwJwoFvk4QA==", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-2.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yEp9fQVFIQAEDPCwC3GLmA==": { "id": "yEp9fQVFIQAEDPCwC3GLmA==", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.6-5.el9_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yjR8lvdxVJDPIeBNVwLrcA==": { "id": "yjR8lvdxVJDPIeBNVwLrcA==", "name": "blinker", "version": "1.9.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.1.9.0.0.0.0.0.0.0", "cpe": "" }, "ylKWvEx4HfZO8SkVPL1IMA==": { "id": "ylKWvEx4HfZO8SkVPL1IMA==", "name": "libnsl2", "version": "2.0.0-1.el9", "kind": "binary", "source": { "id": "", "name": "libnsl2", "version": "2.0.0-1.el9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yr/wq9xPQXa1ScGcnndSag==": { "id": "yr/wq9xPQXa1ScGcnndSag==", "name": "libblkid", "version": "2.37.4-21.el9_7", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.37.4-21.el9_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "23db77ab-9c48-441d-afe6-8d7567669a51": { "id": "23db77ab-9c48-441d-afe6-8d7567669a51", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "9", "version_code_name": "", "version_id": "9", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 9" } }, "repository": { "07b68076-45c7-4a59-be26-d97603519983": { "id": "07b68076-45c7-4a59-be26-d97603519983", "name": "cpe:/a:redhat:enterprise_linux:9::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "33836aeb-4717-47bf-8e73-43a49bcc7e6a": { "id": "33836aeb-4717-47bf-8e73-43a49bcc7e6a", "name": "cpe:/o:redhat:enterprise_linux:9::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "3af4105a-defd-4818-9c3d-15bf0db4c267": { "id": "3af4105a-defd-4818-9c3d-15bf0db4c267", "name": "pypi", "uri": "https://pypi.org/simple", "cpe": "" }, "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff": { "id": "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff", "name": "cpe:/o:redhat:enterprise_linux:9::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "a99b2462-bdb5-41af-b7d2-a04a7209ab78": { "id": "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "name": "cpe:/a:redhat:enterprise_linux:9::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" } }, "environments": { "+A7/nzEXX3Q/xJZ50VMnlQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "+ELGclZlzVhkDoWJwZc9OA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "+X1MdmtPTbyDb/wq7joJhA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "+bwl6UbMaWOBWdHNekJsEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "/+/PY3KkxApkx/Pn1Bzjkg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "/L1kFEoHZTukrNTCQLypFQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "/O7rOBo1qRMFm3q3Kf3mEw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "/THiuz93dsCZJETS3A4Xtw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "/h/TBQhfoSMCmey5oN87jA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "09r8DbZFJmI1tQW/a+ZlWQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "1atoBfoH0mJ0bCpetQ7/0g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "1jyJPCL93kiEbfmNKeyz3g==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:34d99020b0bcb9a2ef619ef997c0b1a01bc47884cdce83c0c396fbf5783a0250", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "1p1wTPVFlokLdC9/X3ksGg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "2gCbp4kt+cF44NF/LqukDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "2zIvfSXFI57wQ4jcmb8tGg==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "3mTZJuBPmze8Mqh3+zXYpw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "5+tHFkkNi+1rUDSrmgYdkw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "5JAFUJWmy04+T6x2oJw2jg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "6xFsD1GCB9M7XKw2YxlsRw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "71E7ojyMFQ1Uwy0VMr2WLg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "7Cq0DQlwuYF2l/vIiUyjig==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "7cpIREEQnkaI7dbmWgmrvg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "7mDaaxs3ev+uNEDYC97U3Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "7vssDPaHKfFKMLimKBo7Gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "8uME+PFu6p/OAD7q+ZTVLw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "9olIUlLHZMdoUMju+8diyQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "ALpVm/ZRAM5oVFWlG75uhA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "AYWPcXxdUay0d/qxFjyxxA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "BQhiFmX4hLYteW4oRCLTSA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "BRLVvSCW1qZQlEQR2x48fQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "CS6z0/SKwjMOr6VBFQ1+lw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "ClKGxv1WoEy4xOcXN5Rq9A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "DVT5EsNYhhc4TADNn+PvwA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "DY5Co0gkGtbgwDlkjfJLWA==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:34d99020b0bcb9a2ef619ef997c0b1a01bc47884cdce83c0c396fbf5783a0250", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "DrLq8qfU1bfE8o8AfdvkrQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "EjrCko4EN35q3gOrHdIWjw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "Esfj4A6yCPG0aR5IhgHmUg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "G61ZL2SOHR2qgvQfi118gw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "GJbaWmnnmSb6F31bTeHB5g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "GdLrcchvFseDsR7KOv0vSQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "HFwGHerHwgvY8vkjr3x1Pg==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:34d99020b0bcb9a2ef619ef997c0b1a01bc47884cdce83c0c396fbf5783a0250", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "HKlRsQZtXaa3HoNDv500tg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "HQdWvmyUSqtI3UTY0T4JiQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "I16VSEydeiRYB1TSf5694A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "JF/KXrYQKwPQyQXcXBUzkQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "JKP7JzVg7UGaAz4VrH03lQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "KF5C+zKu/uFB7knCqOvDAQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "Lwqn0aweLQLZmo12VvYcog==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "MDH8Zt4oQWDiYk9qFV5Lbg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "MV68i9xAWcgxaP9HrTHIhA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "Mta8K+tWCjAV6ERlLy6JNw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "NSiprMdkK5/5pxuNNJOh2A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "NdCY2/S+syamLH224R4hug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "O6NCE8KkqNnnBGJrWxfPwA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "OCIjbR16ktOEiFK36r0WNw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "OgwdUybWl/HQYbnPTE4Psw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "Ohssf0Jzlafd9vtrrUKCXg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "PIk2BBAWexCFofMi5q03RA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "PZXvGa4khHd2n6o73hJ/Pg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "RIdJTslNAIfH4yKbDsoK9Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "RVoqRXLcdKU5LYfyLKdi3Q==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:34d99020b0bcb9a2ef619ef997c0b1a01bc47884cdce83c0c396fbf5783a0250", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "RXh3fimX8fGZeCt4chJEiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "Rvi/ELF9npRUvy1j5xaf3A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "S8p9UGak1oycptcpYp/1eg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "SOGOh5KIF2bfd7hJS1cJnQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "Su8bfW9ijc0V5CiAum2V1g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "TPIRq84Pr3a6ywzPeCr3Pw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "To0NR+oyXDu1CYJfmVGurQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "TojrxyF1uOeAnm6ena/7rw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "VMnz9P06lYzwRbSCeUuskg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "VV2Z1ngTs6sGvt5SrayPCg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "VX9V+Y680L2xf2tBREdpCw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "W7uBqJb8l9AhSXjNg1JZQg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "WKZFJYHmPo5x9c8JUEnETA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "WVajSGKLGm8z6I23XYAhLQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "XG5+bW8np2NedSy/od6z8Q==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "XIcr6HdP94Dud7DtFrfMZg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "XwbkaIGCYyq6BjBMVZ1wzw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "aVZ2bh2CbtumQqaoGUZ8hA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "arLt5War9yeQ8auYn/Idmw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "bFvWffGqJWr7FWnI7K9NVw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "bemGVBhbDe9iV1Kjvd9hAA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "cHSz9008xXk2HDIrSqWjiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "cUL70WdpVP2ZBKoevAxwyA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "dC9CoYt17eaqinGSVCfCxw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "de44cUqF23LvU0fOSvNRjA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "dpQG/pUwAqVv1OdQqnvylQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "eRa7MZyiHBvsv7GPhkGKdg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "enagVWadN12gI5iPYugyvg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "ev4LjEwclLnf3ehIi3l8oA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "ewbqmzgK8Rzf739yT7IKUQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "f8lJd/yoDqE6O0RUQGqkpQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "gsKPriszRNKAqMnHK+dXgw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "hYEisV19Dxn4PvCvxJFm5A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "jAjaNW7NMGiv7HfByDu4RQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "jxodkkAvUPklQOkQf5mRGQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "kFxhSjWy84mTZBM4XiZaeQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "kaLLRnNrSxtvkSdcliuniA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "kigiD4fuysu8/DeCr+ONKQ==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "kp6BaioAZ30jbVeZkkzokA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "lbcitH3ttNejz+IVDee9kA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "mEtFd+xMT095mIzRiir4ww==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "mK/FUfODp3MR7WS2xegPsw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "mPqGnMbiXN6jP61aGbHvOA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "qYSZ6aKFWol313IOGRXaug==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "rCLp3m64Catai9VuHvh3Lw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "rY/kE/V4JnxYoqV+lmc9mg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "rd4/gPEUtK2p++ni1m1dDg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "rlHYqOr0lkUB/Gs6b1kD2g==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "sKD1m/Tx9mlFSspWqkqwXA==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:34d99020b0bcb9a2ef619ef997c0b1a01bc47884cdce83c0c396fbf5783a0250", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "sXA/H9XX1FCBnut09ugTOw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "ssPaV1VLDu6d5ZJ6Rrmh3A==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "sx0C6L5COHIkv6yQQyPlbw==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "tRUHRfZm99qQXU83EzodXA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "u5TyEoU5GA6Z2czzwhMLiA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "uRB+svwXXxpR9DkvUVmAUQ==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:34d99020b0bcb9a2ef619ef997c0b1a01bc47884cdce83c0c396fbf5783a0250", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "wCA3gMNtInqX1xg18QcnQg==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "wKkzDAoEH1CCGQWghKjKdA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "x4oijVhQU8BUwJwoFvk4QA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "yEp9fQVFIQAEDPCwC3GLmA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ], "yjR8lvdxVJDPIeBNVwLrcA==": [ { "package_db": "python:opt/app-root/lib/python3.12/site-packages", "introduced_in": "sha256:34d99020b0bcb9a2ef619ef997c0b1a01bc47884cdce83c0c396fbf5783a0250", "distribution_id": "", "repository_ids": [ "3af4105a-defd-4818-9c3d-15bf0db4c267" ] } ], "ylKWvEx4HfZO8SkVPL1IMA==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:72c1da5df399264a8c6b035c246d023523ff0af5682c2e2ceb489c33addd8186", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "07b68076-45c7-4a59-be26-d97603519983", "8b3e1fb7-f415-4db7-aa22-fcac5d1733ff" ] } ], "yr/wq9xPQXa1ScGcnndSag==": [ { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "", "repository_ids": null }, { "package_db": "sqlite:var/lib/rpm", "introduced_in": "sha256:c770e69088fa05bea8942da1c1e3fa6066cc7c288153d81443e0c9435861e0b1", "distribution_id": "23db77ab-9c48-441d-afe6-8d7567669a51", "repository_ids": [ "a99b2462-bdb5-41af-b7d2-a04a7209ab78", "33836aeb-4717-47bf-8e73-43a49bcc7e6a" ] } ] }, "vulnerabilities": { "+TrS27bZKgEeir9pISurnQ==": { "id": "+TrS27bZKgEeir9pISurnQ==", "updater": "rhel-vex", "name": "CVE-2026-5773", "description": "A flaw was found in libcurl. Due to a logical error in the connection reuse mechanism for SMB (Server Message Block) transfers, libcurl might reuse an existing SMB connection with a different share than intended. This vulnerability, categorized as CWE-488 (Exposure of Data Element to Wrong Session), could lead to the download of an incorrect file or the upload of a file to an unintended location when an application uses libcurl for SMB transfers.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5773 https://bugzilla.redhat.com/show_bug.cgi?id=2461201 https://www.cve.org/CVERecord?id=CVE-2026-5773 https://nvd.nist.gov/vuln/detail/CVE-2026-5773 https://curl.se/docs/CVE-2026-5773.html https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5773.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0E1VjQWdmolR9lr9ElIZZQ==": { "id": "0E1VjQWdmolR9lr9ElIZZQ==", "updater": "rhel-vex", "name": "CVE-2026-28389", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28389 https://bugzilla.redhat.com/show_bug.cgi?id=2451096 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28389.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0pU+deBcFmDWmYK3la46Cw==": { "id": "0pU+deBcFmDWmYK3la46Cw==", "updater": "rhel-vex", "name": "CVE-2026-6019", "description": "A flaw was found in Python's `http.cookies` module. The `Morsel.js_output()` function, responsible for generating JavaScript output for cookies, does not properly neutralize the `\u003c/script\u003e` HTML sequence. This oversight could allow a remote attacker to inject malicious script into a web page, potentially leading to Cross-Site Scripting (XSS) attacks. Such an attack could result in information disclosure or arbitrary code execution within the user's browser.", "issued": "2026-04-22T19:28:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6019 https://bugzilla.redhat.com/show_bug.cgi?id=2460869 https://www.cve.org/CVERecord?id=CVE-2026-6019 https://nvd.nist.gov/vuln/detail/CVE-2026-6019 https://github.com/python/cpython/commit/76b3923d688c0efc580658476c5f525ec8735104 https://github.com/python/cpython/issues/90309 https://github.com/python/cpython/pull/148848 https://mail.python.org/archives/list/security-announce@python.org/thread/IVNWGV2BBNC3RHQAFS22UP4DY56SAXX3/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6019.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1geoBO6lBMXVRM+dfApwgw==": { "id": "1geoBO6lBMXVRM+dfApwgw==", "updater": "rhel-vex", "name": "CVE-2026-32776", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted XML content with empty external parameter entities. This could lead to a NULL pointer dereference, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-16T06:54:20Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32776 https://bugzilla.redhat.com/show_bug.cgi?id=2447888 https://www.cve.org/CVERecord?id=CVE-2026-32776 https://nvd.nist.gov/vuln/detail/CVE-2026-32776 https://github.com/libexpat/libexpat/pull/1158 https://github.com/libexpat/libexpat/pull/1159 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32776.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1npmxgSnoYj2MyAhQMaE7g==": { "id": "1npmxgSnoYj2MyAhQMaE7g==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1o3CcsK5ei5Kk6K4Xhffgg==": { "id": "1o3CcsK5ei5Kk6K4Xhffgg==", "updater": "rhel-vex", "name": "CVE-2025-6075", "description": "A vulnerability in Python’s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.", "issued": "2025-10-31T16:41:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6075 https://bugzilla.redhat.com/show_bug.cgi?id=2408891 https://www.cve.org/CVERecord?id=CVE-2025-6075 https://nvd.nist.gov/vuln/detail/CVE-2025-6075 https://github.com/python/cpython/issues/136065 https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6075.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2TDjlt2gAEWsLyBBPigFYw==": { "id": "2TDjlt2gAEWsLyBBPigFYw==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3UNcgW64Eji4iyY2ZDB1cg==": { "id": "3UNcgW64Eji4iyY2ZDB1cg==", "updater": "rhel-vex", "name": "CVE-2026-3783", "description": "A flaw was found in curl. When an OAuth2 bearer token is used for an HTTP(S) transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the `.netrc` file, allowing the bearer token intended for the first host to be sent to the redirected host. This information disclosure could allow an attacker to gain unauthorized access.", "issued": "2026-03-11T10:09:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3783 https://bugzilla.redhat.com/show_bug.cgi?id=2446450 https://www.cve.org/CVERecord?id=CVE-2026-3783 https://nvd.nist.gov/vuln/detail/CVE-2026-3783 http://www.openwall.com/lists/oss-security/2026/03/11/2 https://curl.se/docs/CVE-2026-3783.html https://curl.se/docs/CVE-2026-3783.json https://hackerone.com/reports/3583983 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3783.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "59oEBlU3jh6EL6gtZDUaug==": { "id": "59oEBlU3jh6EL6gtZDUaug==", "updater": "rhel-vex", "name": "CVE-2026-4437", "description": "A flaw was found in glibc (the GNU C Library). When an application uses the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can cause the application to incorrectly interpret a non-answer section of the DNS response as a valid answer, leading to potential misbehavior or incorrect information processing.", "issued": "2026-03-20T19:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4437 https://bugzilla.redhat.com/show_bug.cgi?id=2449777 https://www.cve.org/CVERecord?id=CVE-2026-4437 https://nvd.nist.gov/vuln/detail/CVE-2026-4437 https://sourceware.org/bugzilla/show_bug.cgi?id=34014 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4437.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5BksN0izCeDRrtFMsNCyvg==": { "id": "5BksN0izCeDRrtFMsNCyvg==", "updater": "rhel-vex", "name": "CVE-2025-9232", "description": "A flaw was found in the OpenSSL HTTP client API no_proxy handling. This vulnerability allows an application level denial of service (application crash) via an attacker-controlled IPv6 URL when the no_proxy environment variable is set.", "issued": "2025-09-30T23:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9232 https://bugzilla.redhat.com/show_bug.cgi?id=2396056 https://www.cve.org/CVERecord?id=CVE-2025-9232 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9232.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "66LeUA2b+ILx/Qsv0eSJ5w==": { "id": "66LeUA2b+ILx/Qsv0eSJ5w==", "updater": "rhel-vex", "name": "CVE-2026-3832", "description": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.", "issued": "2026-04-30T17:29:25Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3832 https://bugzilla.redhat.com/show_bug.cgi?id=2445762 https://www.cve.org/CVERecord?id=CVE-2026-3832 https://nvd.nist.gov/vuln/detail/CVE-2026-3832 https://gitlab.com/gnutls/gnutls/-/issues/1801 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3832.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6hAQW3vY9ZA/8datv1rY4g==": { "id": "6hAQW3vY9ZA/8datv1rY4g==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6rEIsdyQtCC456AuGwgsDQ==": { "id": "6rEIsdyQtCC456AuGwgsDQ==", "updater": "rhel-vex", "name": "CVE-2025-15079", "description": "A flaw was found in curl. When performing SSH-based transfers using SCP or SFTP, libcurl could mistakenly connect to hosts not listed in the user-specified knownhosts file. This occurs if the host is present in the libssh global knownhosts file, effectively bypassing the intended host verification. This could allow a remote attacker to connect to an untrusted host, potentially leading to information disclosure or man-in-the-middle attacks.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15079 https://bugzilla.redhat.com/show_bug.cgi?id=2426409 https://www.cve.org/CVERecord?id=CVE-2025-15079 https://nvd.nist.gov/vuln/detail/CVE-2025-15079 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15079.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "72HhoIyfPMwkQyR2IF7qqw==": { "id": "72HhoIyfPMwkQyR2IF7qqw==", "updater": "rhel-vex", "name": "CVE-2026-4878", "description": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.", "issued": "2026-04-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2451615 https://www.cve.org/CVERecord?id=CVE-2026-4878 https://nvd.nist.gov/vuln/detail/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2447554 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json https://access.redhat.com/errata/RHSA-2026:12441", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libcap", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.48-10.el9_7.1", "arch_op": "pattern match" }, "76mWuVYhbmIFsc4DNorK9A==": { "id": "76mWuVYhbmIFsc4DNorK9A==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7aI+wyLEqkIPj2Wh4f1UKg==": { "id": "7aI+wyLEqkIPj2Wh4f1UKg==", "updater": "rhel-vex", "name": "CVE-2026-40356", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40356 https://bugzilla.redhat.com/show_bug.cgi?id=2463368 https://www.cve.org/CVERecord?id=CVE-2026-40356 https://nvd.nist.gov/vuln/detail/CVE-2026-40356 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40356.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8MfvwX+dRI6Qt2H+x71rZg==": { "id": "8MfvwX+dRI6Qt2H+x71rZg==", "updater": "rhel-vex", "name": "CVE-2025-15224", "description": "A flaw was found in libcurl. When doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15224 https://bugzilla.redhat.com/show_bug.cgi?id=2426410 https://www.cve.org/CVERecord?id=CVE-2025-15224 https://nvd.nist.gov/vuln/detail/CVE-2025-15224 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15224.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8Vh/74zzLJBwomIGKFVL4A==": { "id": "8Vh/74zzLJBwomIGKFVL4A==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZCpE1M7eqNdy615aO2gLQ==": { "id": "8ZCpE1M7eqNdy615aO2gLQ==", "updater": "rhel-vex", "name": "CVE-2026-0992", "description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0992 https://bugzilla.redhat.com/show_bug.cgi?id=2429975 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://nvd.nist.gov/vuln/detail/CVE-2026-0992 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0992.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8kndQj/aRn+NNJdGVP9v4g==": { "id": "8kndQj/aRn+NNJdGVP9v4g==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8uv2vKf0QrdM+zJP4ufG+Q==": { "id": "8uv2vKf0QrdM+zJP4ufG+Q==", "updater": "osv/pypi", "name": "GHSA-jp4c-xjxw-mgf9", "description": "pip Vulnerable to Inclusion of Functionality from Untrusted Control Sphere", "issued": "2026-04-27T15:30:52Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2026-6357 https://github.com/pypa/pip/pull/13923 https://github.com/pypa/pip/commit/b369bfc96cc524e00c267e1693290e6599c36bad https://github.com/pypa/pip https://ichard26.github.io/blog/2026/04/whats-new-in-pip-26.1/#security-fixes http://www.openwall.com/lists/oss-security/2026/04/27/7", "severity": "MODERATE", "normalized_severity": "Medium", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=26.1" }, "93q5MXST6uuNjTpLR5s0WA==": { "id": "93q5MXST6uuNjTpLR5s0WA==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9RxYA6DR0jHWLzVJ4iVKDg==": { "id": "9RxYA6DR0jHWLzVJ4iVKDg==", "updater": "rhel-vex", "name": "CVE-2026-1502", "description": "A flaw was found in Python. This vulnerability allows for the injection of extra information into HTTP communication. Specifically, the system does not properly prevent special characters (carriage return and line feed) from being included in HTTP client proxy tunnel headers or host fields.", "issued": "2026-04-10T17:54:44Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1502 https://bugzilla.redhat.com/show_bug.cgi?id=2457409 https://www.cve.org/CVERecord?id=CVE-2026-1502 https://nvd.nist.gov/vuln/detail/CVE-2026-1502 https://github.com/python/cpython/commit/05ed7ce7ae9e17c23a04085b2539fe6d6d3cef69 https://github.com/python/cpython/issues/146211 https://github.com/python/cpython/pull/146212 https://mail.python.org/archives/list/security-announce@python.org/thread/2IVPAEQWUJBCTQZEJEVTYCIKSMQPGRZ3/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1502.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9bjl4H6CMWLL3h1g5y6i9Q==": { "id": "9bjl4H6CMWLL3h1g5y6i9Q==", "updater": "rhel-vex", "name": "CVE-2026-5928", "description": "A flaw was found in glibc (GNU C Library). When the `ungetwc` function is called on a file stream using wide characters with specific overlapping single-byte and multi-byte encodings, it may attempt to read data outside of its allocated buffer. This can lead to the unintentional disclosure of sensitive information from memory or cause the program to crash, resulting in a denial of service.", "issued": "2026-04-20T20:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5928 https://bugzilla.redhat.com/show_bug.cgi?id=2459854 https://www.cve.org/CVERecord?id=CVE-2026-5928 https://nvd.nist.gov/vuln/detail/CVE-2026-5928 https://sourceware.org/bugzilla/show_bug.cgi?id=33998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5928.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9iigvnuYDaC8UzcOIDLjIQ==": { "id": "9iigvnuYDaC8UzcOIDLjIQ==", "updater": "rhel-vex", "name": "CVE-2026-24883", "description": "A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service (DoS), making the GnuPG application unavailable to legitimate users.", "issued": "2026-01-27T18:43:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24883 https://bugzilla.redhat.com/show_bug.cgi?id=2433463 https://www.cve.org/CVERecord?id=CVE-2026-24883 https://nvd.nist.gov/vuln/detail/CVE-2026-24883 https://dev.gnupg.org/T8049 https://www.openwall.com/lists/oss-security/2026/01/27/8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24883.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AD3UsMwxeXvBzVWIm5l5yw==": { "id": "AD3UsMwxeXvBzVWIm5l5yw==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "APh1+6yq/mlF0fXLxUkIDw==": { "id": "APh1+6yq/mlF0fXLxUkIDw==", "updater": "rhel-vex", "name": "CVE-2026-41989", "description": "A flaw was found in Libgcrypt. A remote attacker could exploit this vulnerability by sending crafted Elliptic Curve Diffie-Hellman (ECDH) ciphertext to the `gcry_pk_decrypt` function. This can lead to a heap-based buffer overflow, potentially causing a denial of service (DoS) condition.", "issued": "2026-04-23T04:30:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41989 https://bugzilla.redhat.com/show_bug.cgi?id=2461063 https://www.cve.org/CVERecord?id=CVE-2026-41989 https://nvd.nist.gov/vuln/detail/CVE-2026-41989 https://dev.gnupg.org/T8211 https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.html https://www.openwall.com/lists/oss-security/2026/04/21/1 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41989.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AUiFITCnRjRxctzqqbDeeA==": { "id": "AUiFITCnRjRxctzqqbDeeA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AwYRRq6SmgfJLn2NZxQUdw==": { "id": "AwYRRq6SmgfJLn2NZxQUdw==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BbFyqCHo/md2/G6tJPmC8Q==": { "id": "BbFyqCHo/md2/G6tJPmC8Q==", "updater": "rhel-vex", "name": "CVE-2025-4516", "description": "A vulnerability has been identified in CPython's bytes.decode() function when used with the \"unicode_escape\" encoding and the \"ignore\" or \"replace\" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches like data exfiltration, the resulting unexpected program behavior could introduce instability, logic errors, or unintended side effects within applications that rely on this specific decoding functionality.", "issued": "2025-05-15T13:29:20Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4516 https://bugzilla.redhat.com/show_bug.cgi?id=2366509 https://www.cve.org/CVERecord?id=CVE-2025-4516 https://nvd.nist.gov/vuln/detail/CVE-2025-4516 https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142 https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e https://github.com/python/cpython/issues/133767 https://github.com/python/cpython/pull/129648 https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4516.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DDxCHnX+kCqcRQj9b90/cg==": { "id": "DDxCHnX+kCqcRQj9b90/cg==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DTApvRZh1HJD5XbbpU3ahw==": { "id": "DTApvRZh1HJD5XbbpU3ahw==", "updater": "rhel-vex", "name": "CVE-2026-1757", "description": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.", "issued": "2026-02-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1757 https://bugzilla.redhat.com/show_bug.cgi?id=2435940 https://www.cve.org/CVERecord?id=CVE-2026-1757 https://nvd.nist.gov/vuln/detail/CVE-2026-1757 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DXoWfwXPN9ZCvCU/obObKQ==": { "id": "DXoWfwXPN9ZCvCU/obObKQ==", "updater": "rhel-vex", "name": "CVE-2026-4878", "description": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.", "issued": "2026-04-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2451615 https://www.cve.org/CVERecord?id=CVE-2026-4878 https://nvd.nist.gov/vuln/detail/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2447554 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json https://access.redhat.com/errata/RHSA-2026:12441", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libcap", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.48-10.el9_7.1", "arch_op": "pattern match" }, "Ez8lHT2uV9Tf9vJC/T4WXg==": { "id": "Ez8lHT2uV9Tf9vJC/T4WXg==", "updater": "rhel-vex", "name": "CVE-2026-4426", "description": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4426 https://bugzilla.redhat.com/show_bug.cgi?id=2449010 https://www.cve.org/CVERecord?id=CVE-2026-4426 https://nvd.nist.gov/vuln/detail/CVE-2026-4426 https://github.com/libarchive/libarchive/pull/2897 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4426.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "F4WBuBnk4OQIl1a5Q4CVPg==": { "id": "F4WBuBnk4OQIl1a5Q4CVPg==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FQwXyPZ+oHyxQZ9RBQXbpw==": { "id": "FQwXyPZ+oHyxQZ9RBQXbpw==", "updater": "rhel-vex", "name": "CVE-2025-13034", "description": "A flaw was found in curl. When configured to use public key pinning with QUIC connections and GnuTLS, and with standard certificate verification explicitly disabled, curl could bypass the intended public key check. This oversight allows a malicious server to impersonate a legitimate one, potentially leading to unauthorized access or information disclosure due to a failure in verifying the server's identity.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13034 https://bugzilla.redhat.com/show_bug.cgi?id=2426406 https://www.cve.org/CVERecord?id=CVE-2025-13034 https://nvd.nist.gov/vuln/detail/CVE-2025-13034 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13034.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GAn7gWUe2pFr7PbwechqxA==": { "id": "GAn7gWUe2pFr7PbwechqxA==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "H+1TqqY0KS7qdkZd4TU82A==": { "id": "H+1TqqY0KS7qdkZd4TU82A==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-fips-provider", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "H1wshPoazj8pmzsnWAztZA==": { "id": "H1wshPoazj8pmzsnWAztZA==", "updater": "rhel-vex", "name": "CVE-2026-6276", "description": "A flaw was found in libcurl. This vulnerability allows for information disclosure when a custom `Host:` header is used in an initial HTTP request, and a subsequent request reuses the same connection without specifying a new `Host:` header. This can lead to libcurl incorrectly sending cookies intended for the first host to the second host, resulting in a cookie leak. This issue is categorized as an Origin Validation Error (CWE-346). Exploitation typically requires specific debugging configurations.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6276 https://bugzilla.redhat.com/show_bug.cgi?id=2461203 https://www.cve.org/CVERecord?id=CVE-2026-6276 https://nvd.nist.gov/vuln/detail/CVE-2026-6276 https://curl.se/docs/CVE-2026-6276.html https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6276.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Hk8k4qPIhaJI1mipqA9iiw==": { "id": "Hk8k4qPIhaJI1mipqA9iiw==", "updater": "rhel-vex", "name": "CVE-2026-41080", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing a specially crafted XML document that leverages insufficient entropy in the hash function. This can lead to hash flooding, a type of Denial of Service (DoS) attack, where the system becomes unresponsive or crashes due to excessive resource consumption.", "issued": "2026-04-16T16:52:01Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41080 https://bugzilla.redhat.com/show_bug.cgi?id=2458967 https://www.cve.org/CVERecord?id=CVE-2026-41080 https://nvd.nist.gov/vuln/detail/CVE-2026-41080 https://github.com/libexpat/libexpat/issues/47 https://github.com/libexpat/libexpat/pull/1183 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41080.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Ho9dxNTgk9NPzM9Q2Wtmxw==": { "id": "Ho9dxNTgk9NPzM9Q2Wtmxw==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HxI42iSjURjRki+uV6q/9w==": { "id": "HxI42iSjURjRki+uV6q/9w==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IFUwSX5dX69QHRHfvOeQDg==": { "id": "IFUwSX5dX69QHRHfvOeQDg==", "updater": "rhel-vex", "name": "CVE-2026-6429", "description": "A flaw was found in libcurl. When configured to use a .netrc file for credentials and follow HTTP redirects, libcurl can inadvertently send the password from the initial connection to the redirected host. This sensitive information disclosure occurs when both the original and redirect URLs use clear text HTTP, are performed over the same HTTP proxy, and the same connection is reused. This vulnerability, categorized as an Exposure of Sensitive Information to an Unauthorized Actor (CWE-200), could allow an attacker to obtain user credentials.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6429 https://bugzilla.redhat.com/show_bug.cgi?id=2461205 https://www.cve.org/CVERecord?id=CVE-2026-6429 https://nvd.nist.gov/vuln/detail/CVE-2026-6429 https://curl.se/docs/CVE-2026-6429.html https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6429.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ImSCYftS79LxnrlAKQDjZg==": { "id": "ImSCYftS79LxnrlAKQDjZg==", "updater": "rhel-vex", "name": "CVE-2025-50182", "description": "A flaw was found in urllib3. The library fails to properly validate redirect URLs, allowing an attacker to manipulate redirect chains when used in environments like Pyodide utilizing the JavaScript Fetch API. This lack of validation can enable a remote attacker to control the redirect destination, leading to arbitrary URL redirection. Consequently, an attacker can redirect users to malicious websites. This \nvulnerability stems from a failure to constrain the redirect target.", "issued": "2025-06-19T01:42:44Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50182 https://bugzilla.redhat.com/show_bug.cgi?id=2373800 https://www.cve.org/CVERecord?id=CVE-2025-50182 https://nvd.nist.gov/vuln/detail/CVE-2025-50182 https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50182.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IwbeLCY1EthbVOWfUWyeMg==": { "id": "IwbeLCY1EthbVOWfUWyeMg==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IxCkO4K3nXWrryedje4cgg==": { "id": "IxCkO4K3nXWrryedje4cgg==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "JBN+5Tm9cbWD8uJN9lcsrQ==": { "id": "JBN+5Tm9cbWD8uJN9lcsrQ==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KHHIjt6Egtc7csaIbQ3mbw==": { "id": "KHHIjt6Egtc7csaIbQ3mbw==", "updater": "rhel-vex", "name": "CVE-2026-32778", "description": "A flaw was found in libexpat. This vulnerability allows an attacker to trigger a NULL pointer dereference in the `setContext` function. This occurs when the system attempts to retry an operation after an out-of-memory condition, which can lead to a Denial of Service (DoS) for the affected application.", "issued": "2026-03-16T07:02:34Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32778 https://bugzilla.redhat.com/show_bug.cgi?id=2447885 https://www.cve.org/CVERecord?id=CVE-2026-32778 https://nvd.nist.gov/vuln/detail/CVE-2026-32778 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1163 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32778.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Kqq2xlybjD/tOLmQWu2xPw==": { "id": "Kqq2xlybjD/tOLmQWu2xPw==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LpXpPLrqMWz/p4f2KzTt5A==": { "id": "LpXpPLrqMWz/p4f2KzTt5A==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LuirMfnv2JkWFEU8MUuKUQ==": { "id": "LuirMfnv2JkWFEU8MUuKUQ==", "updater": "rhel-vex", "name": "CVE-2025-13151", "description": "A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the `asn1_expend_octet_string` function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service (DoS) condition, making the affected system or application unavailable.", "issued": "2026-01-07T21:14:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13151 https://bugzilla.redhat.com/show_bug.cgi?id=2427698 https://www.cve.org/CVERecord?id=CVE-2025-13151 https://nvd.nist.gov/vuln/detail/CVE-2025-13151 https://gitlab.com/gnutls/libtasn1 https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13151.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "M293c+QguJ/aaYP3cMwfyQ==": { "id": "M293c+QguJ/aaYP3cMwfyQ==", "updater": "rhel-vex", "name": "CVE-2026-28388", "description": "A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28388 https://bugzilla.redhat.com/show_bug.cgi?id=2451097 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28388.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MT27FBW6q+x91HBvTyGVKQ==": { "id": "MT27FBW6q+x91HBvTyGVKQ==", "updater": "rhel-vex", "name": "CVE-2026-4046", "description": "A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the `iconv()` function. This could lead to an assertion failure, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-30T17:16:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4046 https://bugzilla.redhat.com/show_bug.cgi?id=2453117 https://www.cve.org/CVERecord?id=CVE-2026-4046 https://nvd.nist.gov/vuln/detail/CVE-2026-4046 https://packages.fedoraproject.org/pkgs/glibc/glibc-gconv-extra/ https://sourceware.org/bugzilla/show_bug.cgi?id=33980 https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4046.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "NrTzMmbWyM5UeSvnQVNLOg==": { "id": "NrTzMmbWyM5UeSvnQVNLOg==", "updater": "rhel-vex", "name": "CVE-2026-0988", "description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://www.cve.org/CVERecord?id=CVE-2026-0988 https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://gitlab.gnome.org/GNOME/glib/-/issues/3851 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0988.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PFkN8K2aK2XnSQjmAIry9A==": { "id": "PFkN8K2aK2XnSQjmAIry9A==", "updater": "osv/pypi", "name": "GHSA-58qw-9mgm-455v", "description": "pip has an interpretation conflict due to handling both concatenated tar and ZIP files as ZIP files", "issued": "2026-04-20T18:31:48Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2026-3219 https://github.com/pypa/pip/pull/13870 https://github.com/pypa/pip https://mail.python.org/archives/list/security-announce@python.org/thread/QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ http://www.openwall.com/lists/oss-security/2026/04/20/8", "severity": "MODERATE", "normalized_severity": "Medium", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "lastAffected=26.0.1" }, "PUY4fn57nsAU2qBLtgRtdw==": { "id": "PUY4fn57nsAU2qBLtgRtdw==", "updater": "osv/pypi", "name": "GHSA-6vgw-5pg2-w6jp", "description": "pip Path Traversal vulnerability", "issued": "2026-02-02T15:30:34Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2026-1703 https://github.com/pypa/pip/pull/13777 https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735 https://github.com/pypa/pip https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ", "severity": "LOW", "normalized_severity": "Low", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=26.0" }, "PrCrIesi0sSvMQjPpvxecw==": { "id": "PrCrIesi0sSvMQjPpvxecw==", "updater": "rhel-vex", "name": "CVE-2025-14512", "description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14512 https://bugzilla.redhat.com/show_bug.cgi?id=2421339 https://www.cve.org/CVERecord?id=CVE-2025-14512 https://nvd.nist.gov/vuln/detail/CVE-2025-14512 https://gitlab.gnome.org/GNOME/glib/-/issues/3845 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14512.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Pza9Y2xtH9MChVMkZwgw2A==": { "id": "Pza9Y2xtH9MChVMkZwgw2A==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Qbjoqw6Ot3cGOKNyQYBo4g==": { "id": "Qbjoqw6Ot3cGOKNyQYBo4g==", "updater": "rhel-vex", "name": "CVE-2025-14087", "description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093 https://www.cve.org/CVERecord?id=CVE-2025-14087 https://nvd.nist.gov/vuln/detail/CVE-2025-14087 https://gitlab.gnome.org/GNOME/glib/-/issues/3834 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14087.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QskDoDnTSvrQeDXklM4YOw==": { "id": "QskDoDnTSvrQeDXklM4YOw==", "updater": "rhel-vex", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "2026-03-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4105 https://bugzilla.redhat.com/show_bug.cgi?id=2447262 https://www.cve.org/CVERecord?id=CVE-2026-4105 https://nvd.nist.gov/vuln/detail/CVE-2026-4105 https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4105.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RHShqbO2hqcBNPYbKDg/3A==": { "id": "RHShqbO2hqcBNPYbKDg/3A==", "updater": "rhel-vex", "name": "CVE-2026-6732", "description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.", "issued": "2026-04-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6732 https://bugzilla.redhat.com/show_bug.cgi?id=2461300 https://www.cve.org/CVERecord?id=CVE-2026-6732 https://nvd.nist.gov/vuln/detail/CVE-2026-6732 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1097 https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6732.json", "severity": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RhxMXi5C56OKjYFOue53fg==": { "id": "RhxMXi5C56OKjYFOue53fg==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S5Dzz9cigoJDCj8s5UcT0g==": { "id": "S5Dzz9cigoJDCj8s5UcT0g==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SOoi21BnbodkFkKkIXYCTg==": { "id": "SOoi21BnbodkFkKkIXYCTg==", "updater": "rhel-vex", "name": "CVE-2026-0865", "description": "Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.", "issued": "2026-01-20T21:26:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0865 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://www.cve.org/CVERecord?id=CVE-2026-0865 https://nvd.nist.gov/vuln/detail/CVE-2026-0865 https://github.com/python/cpython/issues/143916 https://github.com/python/cpython/pull/143917 https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0865.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SQcVquEPU3fE4fDQPb3bLQ==": { "id": "SQcVquEPU3fE4fDQPb3bLQ==", "updater": "rhel-vex", "name": "CVE-2026-24515", "description": "A null pointer dereference flaw has been discovered in libexpat. The function `XML_ExternalEntityParserCreate` failed to copy the encoding handler data passed to XML_SetUnknownEncodingHandler from the parent to the new subparser. This can cause a NULL dereference from external entities that declare use of an unknown encoding. The expected impact is denial of service. It takes use of both functions `XML_ExternalEntityParserCreate` and `XML_SetUnknownEncodingHandler` for an application to be vulnerable.", "issued": "2026-01-23T07:46:36Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24515 https://bugzilla.redhat.com/show_bug.cgi?id=2432312 https://www.cve.org/CVERecord?id=CVE-2026-24515 https://nvd.nist.gov/vuln/detail/CVE-2026-24515 https://github.com/libexpat/libexpat/pull/1131 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24515.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TwoNniaY2Urt7TF64epJXg==": { "id": "TwoNniaY2Urt7TF64epJXg==", "updater": "rhel-vex", "name": "CVE-2026-31790", "description": "A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without proper validation. Consequently, the application might send the contents of an uninitialized memory buffer, which could contain confidential information, to the attacker.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31790 https://bugzilla.redhat.com/show_bug.cgi?id=2451094 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31790.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VWEbeFnFOHy1IkG21b5a5g==": { "id": "VWEbeFnFOHy1IkG21b5a5g==", "updater": "rhel-vex", "name": "CVE-2023-30571", "description": "A vulnerability was found in libarchive. This issue can cause a race condition in a multi-threaded use of archive_write_disk_header() on posix based systems, which could allow implicit directory creation with permissions 777, without sticky bit, which means any low privileged user on the system can delete and rename files inside those directories.", "issued": "2023-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-30571 https://bugzilla.redhat.com/show_bug.cgi?id=2210921 https://www.cve.org/CVERecord?id=CVE-2023-30571 https://nvd.nist.gov/vuln/detail/CVE-2023-30571 https://access.redhat.com/solutions/7033331 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-30571.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VYGbkY0i6P3tRJd9mM1wNg==": { "id": "VYGbkY0i6P3tRJd9mM1wNg==", "updater": "rhel-vex", "name": "CVE-2026-1489", "description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1489 https://bugzilla.redhat.com/show_bug.cgi?id=2433348 https://www.cve.org/CVERecord?id=CVE-2026-1489 https://nvd.nist.gov/vuln/detail/CVE-2026-1489 https://gitlab.gnome.org/GNOME/glib/-/issues/3872 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1489.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Weic6NEdp8xlcBJDyp3fVA==": { "id": "Weic6NEdp8xlcBJDyp3fVA==", "updater": "rhel-vex", "name": "CVE-2026-42011", "description": "A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-42011 https://bugzilla.redhat.com/show_bug.cgi?id=2467437 https://www.cve.org/CVERecord?id=CVE-2026-42011 https://nvd.nist.gov/vuln/detail/CVE-2026-42011 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42011.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Wt2cDYMEpulwA9twmA26Tg==": { "id": "Wt2cDYMEpulwA9twmA26Tg==", "updater": "rhel-vex", "name": "CVE-2026-31790", "description": "A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without proper validation. Consequently, the application might send the contents of an uninitialized memory buffer, which could contain confidential information, to the attacker.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31790 https://bugzilla.redhat.com/show_bug.cgi?id=2451094 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31790.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-fips-provider", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "X4Ym25zfqcH7/samBN+yPw==": { "id": "X4Ym25zfqcH7/samBN+yPw==", "updater": "rhel-vex", "name": "CVE-2026-5545", "description": "A flaw was found in libcurl. An application using libcurl that performs an authenticated HTTP(S) request after a Negotiate-authenticated one to the same host may incorrectly reuse the previous connection. This authentication bypass vulnerability allows the second request to be sent over a connection authenticated with different credentials, potentially leading to unauthorized access or information disclosure.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5545 https://bugzilla.redhat.com/show_bug.cgi?id=2461204 https://www.cve.org/CVERecord?id=CVE-2026-5545 https://nvd.nist.gov/vuln/detail/CVE-2026-5545 https://curl.se/docs/CVE-2026-5545.html https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5545.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "X7DmUVoCri5i6vdYVBBgXg==": { "id": "X7DmUVoCri5i6vdYVBBgXg==", "updater": "rhel-vex", "name": "CVE-2026-1965", "description": "A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the authentication of a previous user, leading to an authentication bypass.", "issued": "2026-03-11T10:08:52Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1965 https://bugzilla.redhat.com/show_bug.cgi?id=2446448 https://www.cve.org/CVERecord?id=CVE-2026-1965 https://nvd.nist.gov/vuln/detail/CVE-2026-1965 https://curl.se/docs/CVE-2026-1965.html https://curl.se/docs/CVE-2026-1965.json https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1965.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XPUXyp+BOEJyEGOgXafi8Q==": { "id": "XPUXyp+BOEJyEGOgXafi8Q==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in libiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YIlv6HIDfGqvZL/MDTWWpg==": { "id": "YIlv6HIDfGqvZL/MDTWWpg==", "updater": "rhel-vex", "name": "CVE-2026-3805", "description": "A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.", "issued": "2026-03-11T10:09:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3805 https://bugzilla.redhat.com/show_bug.cgi?id=2446451 https://www.cve.org/CVERecord?id=CVE-2026-3805 https://nvd.nist.gov/vuln/detail/CVE-2026-3805 http://www.openwall.com/lists/oss-security/2026/03/11/4 https://curl.se/docs/CVE-2026-3805.html https://curl.se/docs/CVE-2026-3805.json https://hackerone.com/reports/3591944 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3805.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YtNpM5pykErH+UBXZABWdg==": { "id": "YtNpM5pykErH+UBXZABWdg==", "updater": "rhel-vex", "name": "CVE-2026-28390", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T22:00:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28390.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a9FllBAJiFi5FeYl0KG4aQ==": { "id": "a9FllBAJiFi5FeYl0KG4aQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "aOUfuyvyyWEe7Z1IZT+fGw==": { "id": "aOUfuyvyyWEe7Z1IZT+fGw==", "updater": "rhel-vex", "name": "CVE-2026-34743", "description": "A flaw was found in XZ Utils. When the `lzma_index_decoder()` function processes an empty index, and a subsequent `lzma_index_append()` operation is performed, insufficient memory is allocated. This can lead to a buffer overflow, potentially causing a denial of service (DoS) for affected systems.", "issued": "2026-04-02T18:36:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34743 https://bugzilla.redhat.com/show_bug.cgi?id=2454589 https://www.cve.org/CVERecord?id=CVE-2026-34743 https://nvd.nist.gov/vuln/detail/CVE-2026-34743 https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87 https://github.com/tukaani-project/xz/releases/tag/v5.8.3 https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34743.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "xz", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ae3lHA7MmabWs4AIbhandQ==": { "id": "ae3lHA7MmabWs4AIbhandQ==", "updater": "rhel-vex", "name": "CVE-2026-3833", "description": "A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.", "issued": "2026-04-30T17:26:28Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3833 https://bugzilla.redhat.com/show_bug.cgi?id=2445763 https://www.cve.org/CVERecord?id=CVE-2026-3833 https://nvd.nist.gov/vuln/detail/CVE-2026-3833 https://gitlab.com/gnutls/gnutls/-/issues/1803 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3833.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "bugTfOdgCaATW4vTnuXTSQ==": { "id": "bugTfOdgCaATW4vTnuXTSQ==", "updater": "rhel-vex", "name": "CVE-2025-70873", "description": "A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.", "issued": "2026-03-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-70873 https://bugzilla.redhat.com/show_bug.cgi?id=2447086 https://www.cve.org/CVERecord?id=CVE-2025-70873 https://nvd.nist.gov/vuln/detail/CVE-2025-70873 https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054 https://sqlite.org/forum/forumpost/761eac3c82 https://sqlite.org/src/info/3d459f1fb1bd1b5e https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-70873.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "d/522T+B/ARMNSG+3QfAWA==": { "id": "d/522T+B/ARMNSG+3QfAWA==", "updater": "rhel-vex", "name": "CVE-2026-22185", "description": "A flaw was found in OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load. When processing malformed input, a local attacker can exploit a heap buffer underflow vulnerability in the readline() function. This can lead to an out-of-bounds read, potentially causing a denial of service (DoS) and limited disclosure of heap memory contents.", "issued": "2026-01-07T20:26:30Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22185 https://bugzilla.redhat.com/show_bug.cgi?id=2427679 https://www.cve.org/CVERecord?id=CVE-2026-22185 https://nvd.nist.gov/vuln/detail/CVE-2026-22185 https://seclists.org/fulldisclosure/2026/Jan/5 https://seclists.org/fulldisclosure/2026/Jan/8 https://www.openldap.org/ https://www.vulncheck.com/advisories/openldap-lmdb-mdb-load-heap-buffer-underflow-in-readline https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22185.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openldap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "d0nPfXoEZybRuV9TMDY3YQ==": { "id": "d0nPfXoEZybRuV9TMDY3YQ==", "updater": "rhel-vex", "name": "CVE-2026-6253", "description": "A flaw was found in curl. When curl is configured to use distinct proxies for different URL schemes, a redirect from a URL using an authenticated proxy to one using an unauthenticated proxy can inadvertently expose the initial proxy's credentials. This improper credential management (CWE-522) may allow an attacker to gain unauthorized access or information by intercepting these disclosed credentials.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6253 https://bugzilla.redhat.com/show_bug.cgi?id=2461202 https://www.cve.org/CVERecord?id=CVE-2026-6253 https://nvd.nist.gov/vuln/detail/CVE-2026-6253 https://curl.se/docs/CVE-2026-6253.html https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6253.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "dZ/H1sYv9QSX9VO93tlGLw==": { "id": "dZ/H1sYv9QSX9VO93tlGLw==", "updater": "osv/pypi", "name": "GHSA-4xh5-x5gv-qwph", "description": "pip's fallback tar extraction doesn't check symbolic links point to extraction directory", "issued": "2025-09-24T15:31:14Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2025-8869 https://github.com/pypa/pip/pull/13550 https://github.com/pypa/pip/commit/f2b92314da012b9fffa36b3f3e67748a37ef464a https://github.com/pypa/pip https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN https://pip.pypa.io/en/stable/news/#v25-2", "severity": "MODERATE", "normalized_severity": "Medium", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=25.3" }, "e/80Mfq8+F+be18Mt0mGLQ==": { "id": "e/80Mfq8+F+be18Mt0mGLQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e0/Fzu8wfMZp9zX32i9rMQ==": { "id": "e0/Fzu8wfMZp9zX32i9rMQ==", "updater": "rhel-vex", "name": "CVE-2026-27456", "description": "A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the `mount` program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use (TOCTOU) window where an attacker can substitute the intended file with a malicious symbolic link. This allows a local unprivileged user to mount any root-owned file or block device that contains a valid filesystem, gaining full read access to its contents.", "issued": "2026-04-03T21:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27456 https://bugzilla.redhat.com/show_bug.cgi?id=2454956 https://www.cve.org/CVERecord?id=CVE-2026-27456 https://nvd.nist.gov/vuln/detail/CVE-2026-27456 https://github.com/util-linux/util-linux/commit/5e390467b26a3cf3fecc04e1a0d482dff3162fc4 https://github.com/util-linux/util-linux/releases/tag/v2.41.4 https://github.com/util-linux/util-linux/security/advisories/GHSA-qq4x-vfq4-9h9g https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27456.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e0VfCD1REapdkagkByCnXQ==": { "id": "e0VfCD1REapdkagkByCnXQ==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eII69g8OYOZLzO43tqVZbQ==": { "id": "eII69g8OYOZLzO43tqVZbQ==", "updater": "rhel-vex", "name": "CVE-2026-5713", "description": "A flaw was found in Python. A malicious Python process could exploit the \"profiling.sampling\" module and \"asyncio introspection capabilities\" to read and write memory addresses within a privileged process. This vulnerability occurs when the privileged process connects to the malicious process via its remote debugging feature, potentially leading to information disclosure and arbitrary code execution. Successful exploitation requires repeated connections, which may cause instability in the connecting process.", "issued": "2026-04-14T15:11:51Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5713 https://bugzilla.redhat.com/show_bug.cgi?id=2458239 https://www.cve.org/CVERecord?id=CVE-2026-5713 https://nvd.nist.gov/vuln/detail/CVE-2026-5713 https://github.com/python/cpython/issues/148178 https://github.com/python/cpython/pull/148187 https://mail.python.org/archives/list/security-announce@python.org/thread/OG4RHARYSNIE22GGOMVMCRH76L5HKPLM/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5713.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gg6QYPBlPoN8zpwNyr7x6w==": { "id": "gg6QYPBlPoN8zpwNyr7x6w==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json https://access.redhat.com/errata/RHSA-2026:13677", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.9", "arch_op": "pattern match" }, "i8jbSS7GiilDkzscgLZVZw==": { "id": "i8jbSS7GiilDkzscgLZVZw==", "updater": "rhel-vex", "name": "CVE-2026-25645", "description": "A flaw was found in the `requests` HTTP library, specifically in the `requests.utils.extract_zipped_paths()` function, which is used to load Certificate Authority (CA) bundles. A local attacker can exploit this vulnerability by pre-creating a malicious CA bundle file in the system's temporary directory. When a vulnerable application initializes the `requests` library, it may load this malicious file instead of the legitimate CA bundle, leading to a bypass of security controls and potential integrity compromise.", "issued": "2026-03-25T17:02:48Z", "links": "https://access.redhat.com/security/cve/CVE-2026-25645 https://bugzilla.redhat.com/show_bug.cgi?id=2451408 https://www.cve.org/CVERecord?id=CVE-2026-25645 https://nvd.nist.gov/vuln/detail/CVE-2026-25645 https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7 https://github.com/psf/requests/releases/tag/v2.33.0 https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25645.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iF/o4aDbQf1DAw7R+LiVQw==": { "id": "iF/o4aDbQf1DAw7R+LiVQw==", "updater": "rhel-vex", "name": "CVE-2025-68972", "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", "issued": "2025-12-27T22:52:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68972 https://bugzilla.redhat.com/show_bug.cgi?id=2425646 https://www.cve.org/CVERecord?id=CVE-2025-68972 https://nvd.nist.gov/vuln/detail/CVE-2025-68972 https://gpg.fail/formfeed https://news.ycombinator.com/item?id=46404339 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68972.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iYahLjRBvYk4Zq4Nz9JtHg==": { "id": "iYahLjRBvYk4Zq4Nz9JtHg==", "updater": "rhel-vex", "name": "CVE-2025-66382", "description": "A flaw was found in libexpat. This vulnerability allows a denial of service (DoS) by processing a crafted file with an approximate size of 2 MiB, leading to dozens of seconds of processing time.", "issued": "2025-11-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66382 https://bugzilla.redhat.com/show_bug.cgi?id=2417661 https://www.cve.org/CVERecord?id=CVE-2025-66382 https://nvd.nist.gov/vuln/detail/CVE-2025-66382 https://github.com/libexpat/libexpat/issues/1076 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66382.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "icr9XD5DN3YDWvP3naYL+g==": { "id": "icr9XD5DN3YDWvP3naYL+g==", "updater": "rhel-vex", "name": "CVE-2026-5450", "description": "A flaw was found in glibc (GNU C Library). This vulnerability occurs when an application uses the `scanf` family of functions with a `%mc` format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination can lead to a one-byte heap buffer overflow, potentially allowing an attacker to corrupt memory.", "issued": "2026-04-20T20:55:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5450 https://bugzilla.redhat.com/show_bug.cgi?id=2459853 https://www.cve.org/CVERecord?id=CVE-2026-5450 https://nvd.nist.gov/vuln/detail/CVE-2026-5450 https://inbox.sourceware.org/libc-announce/b11f0003-6ec1-4bd6-b9de-9e38a4efeca3@redhat.com/T/#u https://nvd.nist.gov/vuln/detail/CVE-2026-5450#range-21286997 https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2026-5450 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5450.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ija3h8P09PxwjEuLSUS2HA==": { "id": "ija3h8P09PxwjEuLSUS2HA==", "updater": "rhel-vex", "name": "CVE-2026-4438", "description": "A flaw was found in the GNU C library (glibc). When applications use the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.", "issued": "2026-03-20T19:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4438 https://bugzilla.redhat.com/show_bug.cgi?id=2449783 https://www.cve.org/CVERecord?id=CVE-2026-4438 https://nvd.nist.gov/vuln/detail/CVE-2026-4438 https://sourceware.org/bugzilla/show_bug.cgi?id=34015 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4438.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ivSHxxsjgaRZwNS8gjOLdg==": { "id": "ivSHxxsjgaRZwNS8gjOLdg==", "updater": "rhel-vex", "name": "CVE-2025-50181", "description": "A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.", "issued": "2025-06-19T01:08:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50181 https://bugzilla.redhat.com/show_bug.cgi?id=2373799 https://www.cve.org/CVERecord?id=CVE-2025-50181 https://nvd.nist.gov/vuln/detail/CVE-2025-50181 https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857 https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50181.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ixc06f0H9vqMfsbwQSwwvA==": { "id": "ixc06f0H9vqMfsbwQSwwvA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jiVVTQmOtKqVixv7agF/Hg==": { "id": "jiVVTQmOtKqVixv7agF/Hg==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ki2PMarj2WoMKDbw3+XV3A==": { "id": "ki2PMarj2WoMKDbw3+XV3A==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json https://access.redhat.com/errata/RHSA-2026:13677", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:9:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:252-55.el9_7.9", "arch_op": "pattern match" }, "klH60uFrR0WkawaSlcOEKg==": { "id": "klH60uFrR0WkawaSlcOEKg==", "updater": "rhel-vex", "name": "CVE-2026-1484", "description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259 https://www.cve.org/CVERecord?id=CVE-2026-1484 https://nvd.nist.gov/vuln/detail/CVE-2026-1484 https://gitlab.gnome.org/GNOME/glib/-/issues/3870 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1484.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kwonOUycdcBenNhjZ1b//Q==": { "id": "kwonOUycdcBenNhjZ1b//Q==", "updater": "osv/pypi", "name": "GHSA-68rp-wp8r-4726", "description": "Flask session does not add `Vary: Cookie` header when accessed in some ways", "issued": "2026-02-19T20:45:41Z", "links": "https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726 https://nvd.nist.gov/vuln/detail/CVE-2026-27205 https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4 https://github.com/pallets/flask https://github.com/pallets/flask/releases/tag/3.1.3", "severity": "LOW", "normalized_severity": "Low", "package": { "id": "", "name": "flask", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=3.1.3" }, "l6IrI73Pg+lrisEtcgX+0Q==": { "id": "l6IrI73Pg+lrisEtcgX+0Q==", "updater": "rhel-vex", "name": "CVE-2026-3784", "description": "A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker gaining unauthorized access to resources or information intended for a different user.", "issued": "2026-03-11T10:09:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3784 https://bugzilla.redhat.com/show_bug.cgi?id=2446449 https://www.cve.org/CVERecord?id=CVE-2026-3784 https://nvd.nist.gov/vuln/detail/CVE-2026-3784 http://www.openwall.com/lists/oss-security/2026/03/11/3 https://curl.se/docs/CVE-2026-3784.html https://curl.se/docs/CVE-2026-3784.json https://hackerone.com/reports/3584903 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3784.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lQBARBTddFvexevUD04GZA==": { "id": "lQBARBTddFvexevUD04GZA==", "updater": "rhel-vex", "name": "CVE-2026-5745", "description": "A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare \"d\" or \"default\" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5745 https://bugzilla.redhat.com/show_bug.cgi?id=2455921 https://www.cve.org/CVERecord?id=CVE-2026-5745 https://nvd.nist.gov/vuln/detail/CVE-2026-5745 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5745.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lppk3oI+Rm/KVCEYBGVKcg==": { "id": "lppk3oI+Rm/KVCEYBGVKcg==", "updater": "rhel-vex", "name": "CVE-2026-40355", "description": "A flaw was found in MIT Kerberos 5 (krb5). An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling `gss_accept_sec_context()` on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service (DoS).", "issued": "2026-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-40355 https://bugzilla.redhat.com/show_bug.cgi?id=2463370 https://www.cve.org/CVERecord?id=CVE-2026-40355 https://nvd.nist.gov/vuln/detail/CVE-2026-40355 https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f https://web.mit.edu/kerberos/advisories/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40355.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mJw+LvAbCoVMIOZXCXNFpg==": { "id": "mJw+LvAbCoVMIOZXCXNFpg==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mZCCwO//htsOIXazj/SeOw==": { "id": "mZCCwO//htsOIXazj/SeOw==", "updater": "rhel-vex", "name": "CVE-2026-31789", "description": "A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31789 https://bugzilla.redhat.com/show_bug.cgi?id=2451095 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31789.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "nWE/ISYsydroB8MspfTK4A==": { "id": "nWE/ISYsydroB8MspfTK4A==", "updater": "rhel-vex", "name": "CVE-2026-32284", "description": "A flaw was found in the msgpack decoder. A remote attacker could send specially crafted, truncated fixext data to an application using the msgpack library. This improper input validation can lead to an out-of-bounds read and a runtime panic, resulting in a denial of service (DoS) attack against the application.", "issued": "2026-03-26T19:40:51Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32284 https://bugzilla.redhat.com/show_bug.cgi?id=2451851 https://www.cve.org/CVERecord?id=CVE-2026-32284 https://nvd.nist.gov/vuln/detail/CVE-2026-32284 https://github.com/golang/vulndb/issues/4513 https://github.com/shamaton/msgpack/issues/59 https://pkg.go.dev/vuln/GO-2026-4513 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32284.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "oqSc7q4k6wTno/u9knscCQ==": { "id": "oqSc7q4k6wTno/u9knscCQ==", "updater": "rhel-vex", "name": "CVE-2024-9681", "description": "A vulnerability was found in curl. When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than intended.", "issued": "2024-11-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9681 https://bugzilla.redhat.com/show_bug.cgi?id=2322969 https://www.cve.org/CVERecord?id=CVE-2024-9681 https://nvd.nist.gov/vuln/detail/CVE-2024-9681 https://hackerone.com/reports/2764830 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9681.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qFIYjZJeFnLAVC7lR0n6oQ==": { "id": "qFIYjZJeFnLAVC7lR0n6oQ==", "updater": "rhel-vex", "name": "CVE-2026-0989", "description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0989 https://bugzilla.redhat.com/show_bug.cgi?id=2429933 https://www.cve.org/CVERecord?id=CVE-2026-0989 https://nvd.nist.gov/vuln/detail/CVE-2026-0989 https://gitlab.gnome.org/GNOME/libxml2/-/issues/998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0989.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "s1dcPjwDKoFTCooK5ysv0w==": { "id": "s1dcPjwDKoFTCooK5ysv0w==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "smB1yCGhBb8gDhPAER7odg==": { "id": "smB1yCGhBb8gDhPAER7odg==", "updater": "rhel-vex", "name": "CVE-2025-14524", "description": "A flaw was found in curl. When an OAuth2 (Open Authorization) bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a different scheme like IMAP, LDAP, POP3, or SMTP, curl might incorrectly pass the bearer token to the new target host. This could lead to information disclosure, where sensitive authentication tokens are exposed to unintended recipients.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14524 https://bugzilla.redhat.com/show_bug.cgi?id=2426407 https://www.cve.org/CVERecord?id=CVE-2025-14524 https://nvd.nist.gov/vuln/detail/CVE-2025-14524 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14524.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "svCt47J2Zwa45xj8gn3U/w==": { "id": "svCt47J2Zwa45xj8gn3U/w==", "updater": "rhel-vex", "name": "CVE-2026-1485", "description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1485 https://bugzilla.redhat.com/show_bug.cgi?id=2433325 https://www.cve.org/CVERecord?id=CVE-2026-1485 https://nvd.nist.gov/vuln/detail/CVE-2026-1485 https://gitlab.gnome.org/GNOME/glib/-/issues/3871 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1485.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sykv+pGN4TXggZNIwL/H4g==": { "id": "sykv+pGN4TXggZNIwL/H4g==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tbhLz74i3ShwS72WbIsoOA==": { "id": "tbhLz74i3ShwS72WbIsoOA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u0cs09LPRVEEfen4PHM6gA==": { "id": "u0cs09LPRVEEfen4PHM6gA==", "updater": "rhel-vex", "name": "CVE-2026-0990", "description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0990 https://bugzilla.redhat.com/show_bug.cgi?id=2429959 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://nvd.nist.gov/vuln/detail/CVE-2026-0990 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0990.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uWz4SaM79VpO4EPAy+0C8g==": { "id": "uWz4SaM79VpO4EPAy+0C8g==", "updater": "rhel-vex", "name": "CVE-2026-5435", "description": "A flaw was found in glibc, the GNU C Library. Specifically, deprecated functions responsible for printing TSIG (Transaction Signature) records fail to properly manage memory buffers. This oversight can lead to an out-of-bounds write when processing specially crafted TSIG records. An attacker could exploit this to cause a denial of service or potentially execute arbitrary code.", "issued": "2026-04-28T11:58:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5435 https://bugzilla.redhat.com/show_bug.cgi?id=2463465 https://www.cve.org/CVERecord?id=CVE-2026-5435 https://nvd.nist.gov/vuln/detail/CVE-2026-5435 https://inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/#u https://sourceware.org/bugzilla/show_bug.cgi?id=34033 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5435.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uaetuJImncB6wudykQLpEA==": { "id": "uaetuJImncB6wudykQLpEA==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior. This bug does not compromise the integrity or availability of the base system.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vljECkHLXvnkFYEiPVK0gQ==": { "id": "vljECkHLXvnkFYEiPVK0gQ==", "updater": "rhel-vex", "name": "CVE-2026-33845", "description": "A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.", "issued": "2026-04-30T17:28:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33845 https://bugzilla.redhat.com/show_bug.cgi?id=2450624 https://www.cve.org/CVERecord?id=CVE-2026-33845 https://nvd.nist.gov/vuln/detail/CVE-2026-33845 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33845.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vnI8VBZMnSK/Spr6qFIUOA==": { "id": "vnI8VBZMnSK/Spr6qFIUOA==", "updater": "rhel-vex", "name": "CVE-2026-4873", "description": "A flaw was found in curl. A remote attacker could exploit this by initiating an unencrypted connection (via IMAP, SMTP, or POP3) and then making a subsequent request to the same host that requires Transport Layer Security (TLS). Due to incorrect connection reuse, the subsequent request would bypass the TLS requirement, leading to the transmission of sensitive information in cleartext. This vulnerability, categorized as Cleartext Transmission of Sensitive Information (CWE-319), results in information disclosure.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4873 https://bugzilla.redhat.com/show_bug.cgi?id=2461200 https://www.cve.org/CVERecord?id=CVE-2026-4873 https://nvd.nist.gov/vuln/detail/CVE-2026-4873 https://curl.se/docs/CVE-2026-4873.html https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4873.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wDbkit+RvgMceV36guHpjw==": { "id": "wDbkit+RvgMceV36guHpjw==", "updater": "rhel-vex", "name": "CVE-2026-42010", "description": "A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.", "issued": "2026-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-42010 https://bugzilla.redhat.com/show_bug.cgi?id=2467289 https://www.cve.org/CVERecord?id=CVE-2026-42010 https://nvd.nist.gov/vuln/detail/CVE-2026-42010 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42010.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "normalized_severity": "High", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xh8zszQflFXgahc/vYUUWQ==": { "id": "xh8zszQflFXgahc/vYUUWQ==", "updater": "rhel-vex", "name": "CVE-2026-32777", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted Document Type Definition (DTD) content. This could lead to an infinite loop during parsing, resulting in a Denial of Service (DoS) for the application using libexpat.", "issued": "2026-03-16T06:58:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32777 https://bugzilla.redhat.com/show_bug.cgi?id=2447890 https://www.cve.org/CVERecord?id=CVE-2026-32777 https://nvd.nist.gov/vuln/detail/CVE-2026-32777 https://github.com/libexpat/libexpat/issues/1161 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1162 https://issues.oss-fuzz.com/issues/486993411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32777.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xxrOMZzPk7ETmnvrIjBo0A==": { "id": "xxrOMZzPk7ETmnvrIjBo0A==", "updater": "rhel-vex", "name": "CVE-2025-60753", "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", "issued": "2025-11-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-60753 https://bugzilla.redhat.com/show_bug.cgi?id=2412648 https://www.cve.org/CVERecord?id=CVE-2025-60753 https://nvd.nist.gov/vuln/detail/CVE-2025-60753 https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753 https://github.com/libarchive/libarchive/issues/2725 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-60753.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "y6/KpQN0Gquhs1Lml+j1sQ==": { "id": "y6/KpQN0Gquhs1Lml+j1sQ==", "updater": "rhel-vex", "name": "CVE-2025-6069", "description": "A denial-of-service (DoS) vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.", "issued": "2025-06-17T13:39:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6069 https://bugzilla.redhat.com/show_bug.cgi?id=2373234 https://www.cve.org/CVERecord?id=CVE-2025-6069 https://nvd.nist.gov/vuln/detail/CVE-2025-6069 https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41 https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b https://github.com/python/cpython/issues/135462 https://github.com/python/cpython/pull/135464 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6069.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python3.12", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ymKqobod4xPivmLT/iq9oQ==": { "id": "ymKqobod4xPivmLT/iq9oQ==", "updater": "rhel-vex", "name": "CVE-2026-41990", "description": "A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a bounds check when writing to a static array. While the data involved is not directly controlled by an attacker, this vulnerability could lead to memory corruption, potentially resulting in a denial of service (DoS) or affecting data integrity.", "issued": "2026-04-23T04:39:04Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41990 https://bugzilla.redhat.com/show_bug.cgi?id=2461068 https://www.cve.org/CVERecord?id=CVE-2026-41990 https://nvd.nist.gov/vuln/detail/CVE-2026-41990 https://dev.gnupg.org/T8208 https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.html https://www.openwall.com/lists/oss-security/2026/04/21/1 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41990.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yzZzF1vLZmeTiLJMgY7W0Q==": { "id": "yzZzF1vLZmeTiLJMgY7W0Q==", "updater": "rhel-vex", "name": "CVE-2025-7039", "description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "issued": "2025-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-7039 https://bugzilla.redhat.com/show_bug.cgi?id=2392423 https://www.cve.org/CVERecord?id=CVE-2025-7039 https://nvd.nist.gov/vuln/detail/CVE-2025-7039 https://gitlab.gnome.org/GNOME/glib/-/issues/3716 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-7039.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zqGJegkbTlVqcHBa6HtRTQ==": { "id": "zqGJegkbTlVqcHBa6HtRTQ==", "updater": "rhel-vex", "name": "CVE-2025-14017", "description": "A flaw was found in curl. When performing multi-threaded LDAPS (Lightweight Directory Access Protocol Secure) transfers, changes to Transport Layer Security (TLS) options in one thread could inadvertently apply globally, affecting other concurrent transfers. This could lead to unintended security posture changes, such as disabling certificate verification for other threads. This vulnerability can result in a security bypass, where expected security checks are not performed.", "issued": "2026-01-08T10:07:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14017 https://bugzilla.redhat.com/show_bug.cgi?id=2427870 https://www.cve.org/CVERecord?id=CVE-2025-14017 https://nvd.nist.gov/vuln/detail/CVE-2025-14017 https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14017.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*" }, "fixed_in_version": "" } }, "package_vulnerabilities": { "+bwl6UbMaWOBWdHNekJsEw==": [ "AD3UsMwxeXvBzVWIm5l5yw==" ], "/L1kFEoHZTukrNTCQLypFQ==": [ "aOUfuyvyyWEe7Z1IZT+fGw==" ], "1p1wTPVFlokLdC9/X3ksGg==": [ "SQcVquEPU3fE4fDQPb3bLQ==", "xh8zszQflFXgahc/vYUUWQ==", "KHHIjt6Egtc7csaIbQ3mbw==", "iYahLjRBvYk4Zq4Nz9JtHg==", "1geoBO6lBMXVRM+dfApwgw==", "Hk8k4qPIhaJI1mipqA9iiw==" ], "2gCbp4kt+cF44NF/LqukDg==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "2zIvfSXFI57wQ4jcmb8tGg==": [ "dZ/H1sYv9QSX9VO93tlGLw==", "PFkN8K2aK2XnSQjmAIry9A==", "PUY4fn57nsAU2qBLtgRtdw==", "8uv2vKf0QrdM+zJP4ufG+Q==" ], "3mTZJuBPmze8Mqh3+zXYpw==": [ "7aI+wyLEqkIPj2Wh4f1UKg==", "lppk3oI+Rm/KVCEYBGVKcg==" ], "5JAFUJWmy04+T6x2oJw2jg==": [ "8kndQj/aRn+NNJdGVP9v4g==", "qFIYjZJeFnLAVC7lR0n6oQ==", "8ZCpE1M7eqNdy615aO2gLQ==", "DTApvRZh1HJD5XbbpU3ahw==", "AwYRRq6SmgfJLn2NZxQUdw==", "u0cs09LPRVEEfen4PHM6gA==", "F4WBuBnk4OQIl1a5Q4CVPg==", "RHShqbO2hqcBNPYbKDg/3A==", "jiVVTQmOtKqVixv7agF/Hg==" ], "6xFsD1GCB9M7XKw2YxlsRw==": [ "MT27FBW6q+x91HBvTyGVKQ==", "ija3h8P09PxwjEuLSUS2HA==", "9bjl4H6CMWLL3h1g5y6i9Q==", "icr9XD5DN3YDWvP3naYL+g==", "uWz4SaM79VpO4EPAy+0C8g==", "59oEBlU3jh6EL6gtZDUaug==" ], "7mDaaxs3ev+uNEDYC97U3Q==": [ "1npmxgSnoYj2MyAhQMaE7g==" ], "AYWPcXxdUay0d/qxFjyxxA==": [ "lQBARBTddFvexevUD04GZA==", "uaetuJImncB6wudykQLpEA==", "sykv+pGN4TXggZNIwL/H4g==", "VWEbeFnFOHy1IkG21b5a5g==", "Ez8lHT2uV9Tf9vJC/T4WXg==", "xxrOMZzPk7ETmnvrIjBo0A==", "mJw+LvAbCoVMIOZXCXNFpg==", "Kqq2xlybjD/tOLmQWu2xPw==", "76mWuVYhbmIFsc4DNorK9A==" ], "ClKGxv1WoEy4xOcXN5Rq9A==": [ "MT27FBW6q+x91HBvTyGVKQ==", "ija3h8P09PxwjEuLSUS2HA==", "9bjl4H6CMWLL3h1g5y6i9Q==", "icr9XD5DN3YDWvP3naYL+g==", "uWz4SaM79VpO4EPAy+0C8g==", "59oEBlU3jh6EL6gtZDUaug==" ], "Esfj4A6yCPG0aR5IhgHmUg==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "GJbaWmnnmSb6F31bTeHB5g==": [ "e0/Fzu8wfMZp9zX32i9rMQ==" ], "HKlRsQZtXaa3HoNDv500tg==": [ "Wt2cDYMEpulwA9twmA26Tg==", "H+1TqqY0KS7qdkZd4TU82A==" ], "MV68i9xAWcgxaP9HrTHIhA==": [ "e0/Fzu8wfMZp9zX32i9rMQ==" ], "NSiprMdkK5/5pxuNNJOh2A==": [ "Wt2cDYMEpulwA9twmA26Tg==", "H+1TqqY0KS7qdkZd4TU82A==" ], "O6NCE8KkqNnnBGJrWxfPwA==": [ "XPUXyp+BOEJyEGOgXafi8Q==" ], "OCIjbR16ktOEiFK36r0WNw==": [ "LuirMfnv2JkWFEU8MUuKUQ==" ], "P5Om9zCJ/QZ+hnrEvj6fGw==": [ "APh1+6yq/mlF0fXLxUkIDw==", "ymKqobod4xPivmLT/iq9oQ==" ], "PIk2BBAWexCFofMi5q03RA==": [ "S5Dzz9cigoJDCj8s5UcT0g==" ], "Rvi/ELF9npRUvy1j5xaf3A==": [ "e/80Mfq8+F+be18Mt0mGLQ==", "0pU+deBcFmDWmYK3la46Cw==", "IxCkO4K3nXWrryedje4cgg==", "RhxMXi5C56OKjYFOue53fg==", "93q5MXST6uuNjTpLR5s0WA==", "8Vh/74zzLJBwomIGKFVL4A==", "SOoi21BnbodkFkKkIXYCTg==", "JBN+5Tm9cbWD8uJN9lcsrQ==", "Ho9dxNTgk9NPzM9Q2Wtmxw==", "y6/KpQN0Gquhs1Lml+j1sQ==", "BbFyqCHo/md2/G6tJPmC8Q==", "9RxYA6DR0jHWLzVJ4iVKDg==", "IwbeLCY1EthbVOWfUWyeMg==", "1o3CcsK5ei5Kk6K4Xhffgg==", "eII69g8OYOZLzO43tqVZbQ==", "LpXpPLrqMWz/p4f2KzTt5A==" ], "S8p9UGak1oycptcpYp/1eg==": [ "d/522T+B/ARMNSG+3QfAWA==" ], "TojrxyF1uOeAnm6ena/7rw==": [ "MT27FBW6q+x91HBvTyGVKQ==", "ija3h8P09PxwjEuLSUS2HA==", "9bjl4H6CMWLL3h1g5y6i9Q==", "icr9XD5DN3YDWvP3naYL+g==", "uWz4SaM79VpO4EPAy+0C8g==", "59oEBlU3jh6EL6gtZDUaug==" ], "VMnz9P06lYzwRbSCeUuskg==": [ "e/80Mfq8+F+be18Mt0mGLQ==", "0pU+deBcFmDWmYK3la46Cw==", "IxCkO4K3nXWrryedje4cgg==", "RhxMXi5C56OKjYFOue53fg==", "93q5MXST6uuNjTpLR5s0WA==", "8Vh/74zzLJBwomIGKFVL4A==", "SOoi21BnbodkFkKkIXYCTg==", "JBN+5Tm9cbWD8uJN9lcsrQ==", "Ho9dxNTgk9NPzM9Q2Wtmxw==", "y6/KpQN0Gquhs1Lml+j1sQ==", "BbFyqCHo/md2/G6tJPmC8Q==", "9RxYA6DR0jHWLzVJ4iVKDg==", "IwbeLCY1EthbVOWfUWyeMg==", "1o3CcsK5ei5Kk6K4Xhffgg==", "eII69g8OYOZLzO43tqVZbQ==", "LpXpPLrqMWz/p4f2KzTt5A==" ], "W7uBqJb8l9AhSXjNg1JZQg==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "WKZFJYHmPo5x9c8JUEnETA==": [ "Qbjoqw6Ot3cGOKNyQYBo4g==", "klH60uFrR0WkawaSlcOEKg==", "VYGbkY0i6P3tRJd9mM1wNg==", "PrCrIesi0sSvMQjPpvxecw==", "yzZzF1vLZmeTiLJMgY7W0Q==", "svCt47J2Zwa45xj8gn3U/w==", "e0VfCD1REapdkagkByCnXQ==", "NrTzMmbWyM5UeSvnQVNLOg==", "ixc06f0H9vqMfsbwQSwwvA==" ], "XIcr6HdP94Dud7DtFrfMZg==": [ "72HhoIyfPMwkQyR2IF7qqw==", "DXoWfwXPN9ZCvCU/obObKQ==" ], "aVZ2bh2CbtumQqaoGUZ8hA==": [ "FQwXyPZ+oHyxQZ9RBQXbpw==", "a9FllBAJiFi5FeYl0KG4aQ==", "l6IrI73Pg+lrisEtcgX+0Q==", "smB1yCGhBb8gDhPAER7odg==", "X7DmUVoCri5i6vdYVBBgXg==", "vnI8VBZMnSK/Spr6qFIUOA==", "8MfvwX+dRI6Qt2H+x71rZg==", "X4Ym25zfqcH7/samBN+yPw==", "d0nPfXoEZybRuV9TMDY3YQ==", "oqSc7q4k6wTno/u9knscCQ==", "H1wshPoazj8pmzsnWAztZA==", "zqGJegkbTlVqcHBa6HtRTQ==", "YIlv6HIDfGqvZL/MDTWWpg==", "+TrS27bZKgEeir9pISurnQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "6rEIsdyQtCC456AuGwgsDQ==", "IFUwSX5dX69QHRHfvOeQDg==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "cHSz9008xXk2HDIrSqWjiA==": [ "i8jbSS7GiilDkzscgLZVZw==", "ivSHxxsjgaRZwNS8gjOLdg==", "nWE/ISYsydroB8MspfTK4A==", "ImSCYftS79LxnrlAKQDjZg==" ], "cUL70WdpVP2ZBKoevAxwyA==": [ "Weic6NEdp8xlcBJDyp3fVA==", "ae3lHA7MmabWs4AIbhandQ==", "wDbkit+RvgMceV36guHpjw==", "vljECkHLXvnkFYEiPVK0gQ==", "66LeUA2b+ILx/Qsv0eSJ5w==" ], "enagVWadN12gI5iPYugyvg==": [ "iF/o4aDbQf1DAw7R+LiVQw==", "9iigvnuYDaC8UzcOIDLjIQ==", "GAn7gWUe2pFr7PbwechqxA==", "AUiFITCnRjRxctzqqbDeeA==" ], "ev4LjEwclLnf3ehIi3l8oA==": [ "bugTfOdgCaATW4vTnuXTSQ==", "HxI42iSjURjRki+uV6q/9w==" ], "ewbqmzgK8Rzf739yT7IKUQ==": [ "tbhLz74i3ShwS72WbIsoOA==" ], "jxodkkAvUPklQOkQf5mRGQ==": [ "YtNpM5pykErH+UBXZABWdg==", "TwoNniaY2Urt7TF64epJXg==", "2TDjlt2gAEWsLyBBPigFYw==", "s1dcPjwDKoFTCooK5ysv0w==", "6hAQW3vY9ZA/8datv1rY4g==", "M293c+QguJ/aaYP3cMwfyQ==", "0E1VjQWdmolR9lr9ElIZZQ==", "5BksN0izCeDRrtFMsNCyvg==", "mZCCwO//htsOIXazj/SeOw==" ], "kaLLRnNrSxtvkSdcliuniA==": [ "FQwXyPZ+oHyxQZ9RBQXbpw==", "a9FllBAJiFi5FeYl0KG4aQ==", "l6IrI73Pg+lrisEtcgX+0Q==", "smB1yCGhBb8gDhPAER7odg==", "X7DmUVoCri5i6vdYVBBgXg==", "vnI8VBZMnSK/Spr6qFIUOA==", "8MfvwX+dRI6Qt2H+x71rZg==", "X4Ym25zfqcH7/samBN+yPw==", "d0nPfXoEZybRuV9TMDY3YQ==", "oqSc7q4k6wTno/u9knscCQ==", "H1wshPoazj8pmzsnWAztZA==", "zqGJegkbTlVqcHBa6HtRTQ==", "YIlv6HIDfGqvZL/MDTWWpg==", "+TrS27bZKgEeir9pISurnQ==", "Pza9Y2xtH9MChVMkZwgw2A==", "6rEIsdyQtCC456AuGwgsDQ==", "IFUwSX5dX69QHRHfvOeQDg==", "3UNcgW64Eji4iyY2ZDB1cg==" ], "mEtFd+xMT095mIzRiir4ww==": [ "MT27FBW6q+x91HBvTyGVKQ==", "ija3h8P09PxwjEuLSUS2HA==", "9bjl4H6CMWLL3h1g5y6i9Q==", "icr9XD5DN3YDWvP3naYL+g==", "uWz4SaM79VpO4EPAy+0C8g==", "59oEBlU3jh6EL6gtZDUaug==" ], "rY/kE/V4JnxYoqV+lmc9mg==": [ "DDxCHnX+kCqcRQj9b90/cg==" ], "sKD1m/Tx9mlFSspWqkqwXA==": [ "kwonOUycdcBenNhjZ1b//Q==" ], "tRUHRfZm99qQXU83EzodXA==": [ "ki2PMarj2WoMKDbw3+XV3A==", "gg6QYPBlPoN8zpwNyr7x6w==", "QskDoDnTSvrQeDXklM4YOw==" ], "wKkzDAoEH1CCGQWghKjKdA==": [ "e0/Fzu8wfMZp9zX32i9rMQ==" ], "yr/wq9xPQXa1ScGcnndSag==": [ "e0/Fzu8wfMZp9zX32i9rMQ==" ] }, "enrichments": {} } pod: python-component-exaywd-on-pull-request-9j8wp-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: python-component-exaywd-on-pull-request-9j8wp-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 5, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libcap-2.48-10.el9 (CVE-2026-4878)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: gnutls-3.8.3-10.el9_7 (CVE-2026-33845, CVE-2026-42010), krb5-libs-1.21.1-9.el9_7 (CVE-2026-40356)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 3 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: systemd-libs-252-55.el9_7.8 (CVE-2026-29111)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: openssl-fips-provider-3.0.7-8.el9 (CVE-2026-2673, CVE-2026-31790), openssl-libs-1:3.5.1-7.el9_7 (CVE-2026-2673, CVE-2026-28390, CVE-2026-31790), python3.12-3.12.12-4.el9_7.3 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2026-0672, CVE-2026-0865, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713, CVE-2026-6019), libmount-2.37.4-21.el9_7 (CVE-2026-27456), libgcrypt-1.10.0-11.el9 (CVE-2026-41989), gnutls-3.8.3-10.el9_7 (CVE-2026-3833, CVE-2026-42011), openssl-fips-provider-so-3.0.7-8.el9 (CVE-2026-2673, CVE-2026-31790), glibc-langpack-en-2.34-231.el9_7.10 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), libarchive-3.5.3-9.el9_7 (CVE-2023-30571, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), libblkid-2.37.4-21.el9_7 (CVE-2026-27456), xz-libs-5.2.5-8.el9_0 (CVE-2026-34743), glibc-minimal-langpack-2.34-231.el9_7.10 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), glibc-2.34-231.el9_7.10 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), curl-minimal-7.76.1-35.el9_7.3 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805, CVE-2026-4873, CVE-2026-5545, CVE-2026-5773, CVE-2026-6253, CVE-2026-6429), systemd-libs-252-55.el9_7.8 (CVE-2026-4105), libsmartcols-2.37.4-21.el9_7 (CVE-2026-27456), gnupg2-2.3.3-5.el9_7 (CVE-2025-68972), openldap-2.6.8-4.el9 (CVE-2026-22185), libcurl-minimal-7.76.1-35.el9_7.3 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805, CVE-2026-4873, CVE-2026-5545, CVE-2026-5773, CVE-2026-6253, CVE-2026-6429), libuuid-2.37.4-21.el9_7 (CVE-2026-27456), expat-2.5.0-5.el9_7.1 (CVE-2026-32776, CVE-2026-32777, CVE-2026-32778), python3.12-pip-wheel-23.2.1-5.el9 (CVE-2025-50181, CVE-2025-50182, CVE-2026-25645, CVE-2026-32284), krb5-libs-1.21.1-9.el9_7 (CVE-2026-40355), glibc-common-2.34-231.el9_7.10 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), glib2-2.68.4-18.el9_7.1 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), python3.12-libs-3.12.12-4.el9_7.3 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2026-0672, CVE-2026-0865, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713, CVE-2026-6019), coreutils-single-8.32-39.el9 (CVE-2025-5278), libxml2-2.9.13-14.el9_7 (CVE-2026-0990, CVE-2026-1757, CVE-2026-6732)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 106 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: openssl-libs-1:3.5.1-7.el9_7 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), python3.12-3.12.12-4.el9_7.3 (CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), pcre2-syntax-10.40-6.el9 (CVE-2022-41409), libgcrypt-1.10.0-11.el9 (CVE-2026-41990), gnutls-3.8.3-10.el9_7 (CVE-2026-3832), libtasn1-4.16.0-9.el9 (CVE-2025-13151), glibc-langpack-en-2.34-231.el9_7.10 (CVE-2026-4438), libarchive-3.5.3-9.el9_7 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), ncurses-base-6.2-12.20210508.el9 (CVE-2023-50495), glibc-minimal-langpack-2.34-231.el9_7.10 (CVE-2026-4438), glibc-2.34-231.el9_7.10 (CVE-2026-4438), ncurses-libs-6.2-12.20210508.el9 (CVE-2023-50495), curl-minimal-7.76.1-35.el9_7.3 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224, CVE-2026-6276), gnupg2-2.3.3-5.el9_7 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), libcurl-minimal-7.76.1-35.el9_7.3 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681, CVE-2025-14524, CVE-2025-15079, CVE-2025-15224, CVE-2026-6276), expat-2.5.0-5.el9_7.1 (CVE-2025-66382, CVE-2026-24515, CVE-2026-41080), libstdc++-11.5.0-11.el9 (CVE-2022-27943), glibc-common-2.34-231.el9_7.10 (CVE-2026-4438), glib2-2.68.4-18.el9_7.1 (CVE-2023-32636, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), python3.12-libs-3.12.12-4.el9_7.3 (CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), pcre2-10.40-6.el9 (CVE-2022-41409), sqlite-libs-3.34.1-9.el9_7 (CVE-2024-0232, CVE-2025-70873), gawk-5.1.0-6.el9 (CVE-2023-4156), zlib-1.2.11-40.el9 (CVE-2026-27171), libxml2-2.9.13-14.el9_7 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), libgcc-11.5.0-11.el9 (CVE-2022-27943)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 65 } } ] } ] {"vulnerabilities":{"critical":0,"high":1,"medium":1,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":3,"medium":106,"low":65,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1", "digests": ["sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082"]}} {"result":"SUCCESS","timestamp":"2026-05-10T19:30:52+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: python-component-exaywd-on-pull-request-9j8wp-clamav-scan-pod | init container: prepare 2026/05/10 19:25:37 Entrypoint initialization pod: python-component-exaywd-on-pull-request-9j8wp-clamav-scan-pod | init container: place-scripts 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-0-2cd6s 2026/05/10 19:30:28 Decoded script /tekton/scripts/script-1-r2l5v pod: python-component-exaywd-on-pull-request-9j8wp-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Detecting artifact type for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082. Detected container image. Processing image manifests. Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 9.037 sec (0 m 9 s) Start Date: 2026:05:10 19:30:43 End Date: 2026:05:10 19:30:52 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27996/Sun May 10 06:26:36 2026 Database version: 27996 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1778441453","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1778441453","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1778441453","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1", "digests": ["sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082"]}} pod: python-component-exaywd-on-pull-request-9j8wp-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd Attaching to quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading f5c831536b77 clamscan-ec-test-amd64.json Uploading 8d25e854b3bd clamscan-result-amd64.log Uploaded 8d25e854b3bd clamscan-result-amd64.log Uploaded f5c831536b77 clamscan-ec-test-amd64.json Uploading 6c40aec83447 application/vnd.oci.image.manifest.v1+json Uploaded 6c40aec83447 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-swpn/python-component-exaywd:on-pr-debbc6aa2d4782f5a4cbfb5b92c9c16725a339b1@sha256:d49b577feb232435687ebaa2a33abcf1dec16bd9ab528360fd929a1c9d59f082 Digest: sha256:6c40aec8344737cf5b7c3eb5c7171419d83c7e90dd6ad1443c607fd9ce4934e7 pod: python-component-exaywd-on-pull-request-9j8wp-init-pod | init container: prepare 2026/05/10 19:19:20 Entrypoint initialization pod: python-component-exaywd-on-pull-request-9j8wp-init-pod | container step-init: time="2026-05-10T19:19:25Z" level=info msg="[param] enable: false" time="2026-05-10T19:19:25Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-05-10T19:19:25Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-05-10T19:19:25Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-05-10T19:19:25Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-05-10T19:19:25Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-05-10T19:19:25Z" level=info msg="Cache proxy is disabled via param" time="2026-05-10T19:19:25Z" level=info msg="[result] HTTP PROXY: " time="2026-05-10T19:19:25Z" level=info msg="[result] NO PROXY: " New PipelineRun python-component-exaywd-on-pull-request-7cj86 found after retrigger for component build-e2e-swpn/python-component-exaywd PipelineRun python-component-exaywd-on-pull-request-7cj86 found for Component build-e2e-swpn/python-component-exaywd PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: ResolvingTaskRef PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Running PipelineRun python-component-exaywd-on-pull-request-7cj86 reason: Completed << Timeline ------------------------------ • [1.636 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace merging the PR should be successful [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:164 Timeline >> merged result sha: badb7d59beef8534f182b084b0f2e4afce688d12 for PR #33118 << Timeline ------------------------------ • [20.198 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace leads to triggering on push PipelineRun [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:174 Timeline >> Push PipelineRun has not been created yet for the component build-e2e-swpn/python-component-exaywd << Timeline ------------------------------ • [4.009 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace only one component is changed [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:190 Timeline >> PR #33122 got created with sha 734e41168a84578da7a176da4c8e35bff4ae02b1 << Timeline ------------------------------ • [20.198 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace only related pipelinerun should be triggered [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:205 Timeline >> on pull PiplelineRun has not been created yet for the PR << Timeline ------------------------------ • [19.216 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when a components is created with same git url in different namespace should fail to configure PaC for the component [build-service, github, pac-build, multi-component] /workspace/source/e2e-tests/tests/multi_component.go:264 Timeline >> Image repository for component go-component-xgjicg in namespace build-e2e-ezjs do not have right state ('' != 'ready') yet but it has status { { } { } []}. build status annotation value: {"pac":{"state":"error","error-id":53,"error-message":"53: Git repository is already handled by Pipelines as Code"},"message":"done"} build status: &{State:error MergeUrl: ConfigurationTime: ErrorInfo:{ErrId:53 ErrMessage:53: Git repository is already handled by Pipelines as Code}} << Timeline ------------------------------ • [134.626 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged After updating image visibility to private, it should not trigger another PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:560 Timeline >> found pipelinerun: gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 found pipelinerun: gh-test-custom-branch-ihleeg-on-pull-request-jz2b5 waiting for one minute and expecting to not trigger a PipelineRun << Timeline ------------------------------ • [0.292 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged image repo is updated to private [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:590 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:595 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:631 ------------------------------ • [6.391 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the component is removed related image repo and robot accounts deleted [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:650 ------------------------------ • [0.963 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the component is removed purge PR is created successfully [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /workspace/source/e2e-tests/tests/pac_build.go:666 Timeline >> Found purge PR with id: 3 << Timeline ------------------------------ • [FAILED] [1207.162 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:412 [FAILED] Timed out after 1200.001s. timed out when waiting for component nudge PR to be created in build-nudge-child-rnocbk repository Expected : false to be true In [It] at: /workspace/source/e2e-tests/tests/renovate.go:427 @ 05/10/26 19:41:35.613 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] merging the PR should be successful for child component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:429 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/e2e-tests/tests/renovate.go:429 @ 05/10/26 19:41:42.773 ------------------------------ S [SKIPPED] [0.000 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] Verify the nudge updated the contents [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:440 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /workspace/source/e2e-tests/tests/renovate.go:440 @ 05/10/26 19:41:42.774 ------------------------------ [ReportAfterSuite] PASSED [1937.232 seconds] [ReportAfterSuite] Autogenerated ReportAfterSuite for --junit-report autogenerated by Ginkgo ------------------------------ Summarizing 1 Failure: [FAIL] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, github] /workspace/source/e2e-tests/tests/renovate.go:427 Ran 62 of 157 Specs in 2010.644 seconds FAIL! -- 61 Passed | 1 Failed | 7 Pending | 88 Skipped Ginkgo ran 1 suite in 37m16.223964054s Test Suite Failed